home

Tuguu S.L.

Publisher Information

Tuguu S.L. is a software publisher located in Adeje, Santa Cruz De Tenerife in Spain*. The company is a primary distributor of unwanted software. Thre are 4 additional code signing certificates issued to this publisher.
Authority:
Starfield Technologies, Inc.

Valid from:
6/18/2014 8:52:55 AM

Valid to:
6/18/2015 8:52:55 AM

Subject:
CN=Tuguu S.L., O=Tuguu S.L., L=Adeje, S=Santa Cruz de Tenerife, C=ES

Issuer:
CN=Starfield Secure Certificate Authority - G2, OU=http://certs.starfieldtech.com/repository/, O="Starfield Technologies, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
4afa4a3660eff4

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.TuguuSL.W, PUP.TuguuSL.U, PUP.TuguuSL.F, PUP.Installer.TuguuSL.L, PUP.TuguuSL.J, PUP.TuguuSL.G, PUP.TuguuSL.P, PUP.Tuguu.Bundler (M), PUP.Tuguu (M)
100.00%

VIPRE Antivirus
Threat.4150696, Threat.4783235, Trojan.Win32.Generic
21.95%

avast!
Win32:DomaIQ-CS [PUP], Win32:Adware-BQR [Adw]
21.95%

McAfee
Adware-DomaIQ, CryptDomaIQ, Program.Adware-DomaIQ
21.95%

Malwarebytes
PUP.Optional.DomaIQ, PUP.Optional.Domalq, PUP.Optional.Dropper.BL
21.95%

Kaspersky
not-a-virus:HEUR:AdWare.MSIL.DomaIQ, not-a-virus:AdWare.Win32.Lollipop, not-a-virus:AdWare.MSIL.DomaIQ
21.95%

ESET NOD32
Win32/DomaIQ.BI potentially unwanted application, Win32/DomaIQ.BB potentially unwanted application, Win32/DomaIQ.BK potentially unwanted application
19.51%

AVG
Adware Generic_r.NH, Trojan horse Downloader.Generic13.CLIR.dropper, Downloader.Generic13.CLYK.dropper, Downloader.Generic13.CIDW.dropper
19.51%

MicroWorld eScan
Gen:Variant.Application.Bundler.DomaIQ.12, Application.Bundler.DomaIQ.J, Application.Bundler.DomaIQ.Q, Dropped:Trojan.GenericKD.1773866
19.51%

Bitdefender
Gen:Variant.Application.Bundler.DomaIQ.12, Application.Bundler.DomaIQ.J, Application.Bundler.DomaIQ.Q, Dropped:Trojan.GenericKD.1773866
19.51%

1 / 68      (Adware)
php expert editor.exe  (50a901bb4f83ce7e0a58c0646a7c3cf6)

1 / 68      (Adware)
00000000  (5d91e695ede4ce1afdc3e0628780a9b9)

1 / 68      (Adware)
00000001  (26e439cec6a41e212f9908ee43ba25c0)

1 / 68      (Adware)
00000000.quarantine  (f06e33a6b7e6ffe33fab8e7b8551bc10)

1 / 68      (Adware)
00000000  (d32a9dae4497f7c9b0da0207f93a5d59)

1 / 68      (Adware)
guitar-and-bass.exe  (1fbc8f1ae9354bf31424fa7175b7ed68)

1 / 68      (Adware)
guitar-and-bass.exe  (e02b0e985dee200be68be76eae6f8809)

1 / 68      (Adware)
corel draw.exe  (b0b609c26e4cf1978da03ff7d99edbed)

1 / 68      (Adware)
00000000  (1dad59b60a7ede06c0da14958fb3c9e2)

1 / 68      (Adware)
00000000  (4aa4db972172ca89ea2aab9c1062d7b5)

1 / 68      (Adware)
avast.exe  (73c92dad1ac9c39394b381fc3fd54f69)

1 / 68      (Adware)
itunes.exe  (7b7e08498a1c56cc0d5f7f3f68d3704d)

1 / 68      (Adware)
driver-detective-6-6-fr.exe  (ef2c1773767500405c35852260fb8fb6)

1 / 68      (Adware)
avast.exe  (caeed180acd03232ecd25090d49efe7a)

1 / 68      (Adware)
minecraft.exe  (28bcad00aee4e49f9cb28c7e8e5bb623)

1 / 68      (Adware)
minecraft.exe  (f5ccd12f480bf5ceeaef9ecf36b735bb)

1 / 68      (Adware)
minecraft.exe  (08ea5b366c3ae29fe88a061a541743b8)

1 / 68      (Adware)
00000000  (97c46d57eea5e0e47b3eeb7e416e4579)

1 / 68      (Adware)
00000000  (b7f3fe13e58499b8c5c350c67d25eae6)

1 / 68      (Adware)
00000001  (4375a1abe88b24f12c56c308cbe0902f)

1 / 68      (Adware)
whatsapp.exe  (1dc30d81a370564bd86373a5c2b69a42)

1 / 68      (Adware)
whatsapp.exe  (92c0b8bbd143b00502c107e67b945024)

1 / 68      (Adware)
00000000  (6dd60a5222ec46a1b864fb2c2381dab2)

1 / 68      (Adware)
00000000  (5363b8eabf2a1c68a22d84516fc0776c)

1 / 68      (Adware)
photo slideshow creator.exe  (4f8546ad21476f48bf9421c34a69631b)

1 / 68      (Adware)
ccleaner.exe  (a2c4233bed35e01db1ffe4f58dd6e344)

1 / 68      (Adware)
ccleaner.exe  (fd24bc8940e4cf4c3a634e14bd392f53)

1 / 68      (Adware)
avast.exe  (02125332920a3da3fda8a0620e68896e)

1 / 68      (Adware)
00000000  (5f4605ee03df14486584b13e9b23c211)

1 / 68      (Adware)
00000001  (3b5d26157f7a6c676145eaff06552b3f)

 
Latest 30 of 41 files

Downloads URLs for files signed by Tuguu S.L..

1 / 68      (Adware)
http://www.downloadnd.com/download/.../minecraft.exe  (08ea5b366c3ae29fe88a061a541743b8)

1 / 68      (Adware)
http://downloads.gufile.com/.../avast.exe  (9563ffc4ca6ad03a59415847b8368dfc)

21 / 68    (Adware)
http://dlp.cloudsvr566.com/lUtC-lMPy-5m59aZ-0A77SgLxt9Tw-lWM5nouJeFwvgC-TB68F65m7sVE-NHoFIvERgywraD81_OBExeVZ2Hs5TV-os5j_ECemdrHdZ-JNBBQNivD0xgtQ3E7EpsHmD_ynE1AlFfZVvzWGO3iTy-9A  (flash banner creator.exe)

The following websites host and distribute files published by Tuguu S.L..

www.downloadnd.com

dlp.cloudsvr566.com

downloads.gufile.com

The certificates below are also signed by Tuguu S.L..

04084650990A90  (Mar 17, 2014 to Mar 17, 2015)

099FA0FF5AB358109F600F1A845EEE88  (Jan 14, 2014 to Jan 22, 2015)

4B49CE87BAE8BE  (Dec 09, 2013 to Dec 09, 2014)

08EC69B75B2FE31EC2C53E0E441AC0E1  (May 14, 2013 to Jul 18, 2014)

The following publishers (by Authenticode signature organization name) are related.

Tuguu SL

Tuguu S.L.U.

Tuguu SLU

Tuguu Israel Ltd

Awimba LLC

Payments Interactive SL

Payments Interactive S.L.

Clovermedia SLU

Clovermedia SL

tuguu sl

Tuguu S.L

TUGUU SL

Lunacom Interactive Ltd

Binarit personal computer peripheral equipment

TUGUU, SL

Sambamedia SL

* Note, the details and description above are based on the code signing digital signature issued to Tuguu S.L. by Starfield Technologies, Inc. on June 18, 2014 with the serial number '4afa4a3660eff4'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.