WebAppTech Coding LLC

Publisher Information

WebAppTech Coding LLC is a software developer located in Grandville, Michigan in the United States*. The company is a primary distributor of unwanted software. WebAppTech is an adware/malware distributor of ad-supported bundled software such as SearchDonkey, Safe Monitor and TVGenie run by Steve Iverson registered in Delaware but located at 640 Grand Ave, Carlsbad, CA 92008. The primary application that publisher distributes is web browser extesnsions that are bundled by 3rd-part download managers. The company is/patners with various other adware publishers under the same team including Parallel Lines Development, Data Beat Solutions, GenTechnologies Apps and Western Web Applications. There is one additional code signing certificate issued to this publisher.
Authority:
VeriSign, Inc.

Valid from:
12/23/2013 7:00:00 PM

Valid to:
12/24/2014 6:59:59 PM

Subject:
CN=WebAppTech Coding LLC, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=WebAppTech Coding LLC, L=Grandville, S=Michigan, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1a6411a4888df6223df9c572f9be2e96

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.WebAppTechCoding.T, PUP.WebAppTechCoding.G, PUP.Installer.WebAppTechCoding.T, PUP.WebAppTechCoding.Y, PUP.WebAppTechCoding.M, PUP.WebAppTechCoding.O, PUP.Injekt.WebAppTechCoding.Installer (M), PUP.Injekt.WebAppTechCoding (M), PUP.Injekt.WebAppTe (M), PUP.Injekt.WebAppTe.Installer (M), PUP.Injekt (M)
100.00%

VIPRE Antivirus
SearchDonkey, Injekt, Threat.4784449
48.00%

ESET NOD32
MSIL/Adware.PullUpdate (variant), Win32/ExFriendAlert (variant), MSIL/Adware.PullUpdate.G.gen (variant)
36.00%

Agnitum Outpost
PUA.PullUpdate, PUA.SaMon
32.00%

Comodo Security
ApplicUnwnt
30.00%

Malwarebytes
PUP.Optional.SearchDonkey.A, PUP.Optional.Updater.A, Adware.SaMon, PUP.Optional.MultiExtension.A
30.00%

McAfee
Artemis!FA45E41A1429, Artemis!A1D7C15CD80B, Artemis!C3C38B1414B7, Artemis!88FAAAAE68FB, Artemis!0A349A53E1FF, Artemis!084E7882C809, Artemis!CBF15E21075A, Artemis!CF433871AE4D
28.00%

McAfee Web Gateway
Artemis!FA45E41A1429, Artemis!A1D7C15CD80B, Artemis!C3C38B1414B7, Artemis!88FAAAAE68FB, Artemis!0A349A53E1FF, Artemis!PUP
28.00%

IKARUS anti.virus
AdWare.Agent, PUA.Downloader, Trojan.MSIL3, not-a-virus:AdWare.Win32.SaMon, PUA.Toolbar.WebApp, AdWare.SaMon, AdWare.MSIL.PullUpdate
28.00%

Trend Micro House Call
TROJ_GEN.F47V0327, TROJ_GEN.F47V0605, Suspicious_GEN.F47V0612, TROJ_GEN.F47V0328, TROJ_GEN.F47V0326, TROJ_GEN.F47V0604, TROJ_GEN.F47V0608
26.00%

1 / 68      (Adware)

1 / 68      (Adware)
helper.dll  (d05d50304589a5e9d333bbd75ef4f794)

1 / 68      (Adware)
helper.dll  (a94067cb6ef9a7838d61069f792aa06c)

1 / 68      (Adware)
searchdonkey.e3e38e2b3c8c.dll  (25b032551fe9a79e2c1a44120ff0eed5)

1 / 68      (Adware)
SearchDonkey.exe (SearchDonkey by WebAppTech Coding)  (703e4a002eaa05f3a8acf7f4977f50c7)

1 / 68      (Adware)

1 / 68      (Adware)
sd_uk.exe  (85264a091c0231d4b6ec13d7f151352e)

1 / 68      (Adware)
uninstall.exe  (3ec749c9a8cfef3cbe18717951ba01d9)

1 / 68      (Adware)
sd_uk.exe  (f6ab3929508a2486432bd539c54d73a0)

1 / 68      (Adware)

1 / 68      (Adware)
setup{87a867cc-b75b-4c0d-9bb5-c76a3a47efe1}.exe  (c459e98f729f3d8575b93b2678193cfd)

1 / 68      (Adware)
searchdonkey.e3e38e2b3c8c.dll  (6452aea3dbe2d033cfe352a51e121295)

1 / 68      (Adware)
helper.dll  (5f21952d0de81c0c0138bdcebe76ff45)

1 / 68      (Adware)
SearchDonkey.exe (SearchDonkey by WebAppTech Coding)  (58b5304df9a295ccfe14753610b34978)

1 / 68      (Adware)
searchdonkey.e3e38e2b3c8c.dll  (8f28380d02d9391242c7023ea08e747a)

1 / 68      (Adware)
sd_us.exe  (0ca5cfca9644a83029fa47f1b32dcd2d)

1 / 68      (Adware)

1 / 68      (Adware)
SearchDonkey.exe (SearchDonkey by WebAppTech Coding)  (57103d189a2a720f4d0e9cd025d5d51b)

1 / 68      (Adware)
updater.exe (Updater)  (f7d5d3be1bede1b55721d0d8d2d4003c)

1 / 68      (Adware)
uninstall.exe  (bc00356388e1b4b970fece6788f94de6)

1 / 68      (Adware)
searchdonkey.e3e38e2b3c8c.dll  (4aae0f90c3ab22fbd39a6ea8cd68c387)

1 / 68      (Adware)

1 / 68      (Adware)
helper.dll  (e4dd7f3f18cfd5220b9cc915762665ae)

1 / 68      (Adware)
uninstall.exe  (dec525b1053f57bec3e620734ba401a9)

1 / 68      (Adware)
uninstall.exe  (cb2e626068b9ed7535f261bcbadb1a21)

22 / 68    (Adware)
SearchDonkey.exe (SearchDonkey by WebAppTech Coding)  (e5b1011326a2bae09a7064a0a80a41fc)

1 / 68      (Adware)
searchdonkey.e3e38e2b3c8c.dll  (7fdbdbf1603016109a4a83d5be4b8e73)

15 / 68    (Adware)

1 / 68      (Adware)

8 / 68      (Adware)
yixzwqenvx.exe (SearchDonkey by WebAppTech Coding)  (df30c40e7a25d55d114090882b35877d)

 
Latest 30 of 94 files

Top-level domains owned by WebAppTech Coding LLC.

The following certificate is also signed by WebAppTech Coding LLC.

00ED976277604B937F55FA8DF427C5B534  (Jan 15, 2013 to Jan 16, 2014)

The following publishers (by Authenticode signature organization name) are related.

* Note, the details and description above are based on the code signing digital signature issued to WebAppTech Coding LLC by VeriSign, Inc. on December 23, 2013 with the serial number '1a6411a4888df6223df9c572f9be2e96'.