home

York New Labs (Extreme White Limited)

Publisher Information

York New Labs (Extreme White Limited) is a software developer located in Nicosia, Agios Dometios in CY*. A majority of the programs developed by the company can be classified as adware or other potentially unwanted programs.
Authority:
COMODO CA Limited

Valid from:
4/15/2015 2:00:00 AM

Valid to:
4/15/2016 1:59:59 AM

Subject:
CN=York New Labs (Extreme White Limited), O=York New Labs (Extreme White Limited), STREET=Tassou Papadopulu 6 (flat/office 22), L=Nicosia, S=Agios Dometios, PostalCode=2373, C=CY

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00927773ae2a990e6beb7e5455470bef66

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
Threat.Win.Reputation.IMP, Win32.Generic.YorkNewLabsExtremeWhiteLimited.Task.Meta, PUP.ExtremeWhite.Bundler.Meta (M), PUP.ExtremeWhite.Bundler (M)
92.86%

Malwarebytes
PUP.Optional.Crossbrowse.C
53.57%

Avira AntiVirus
ADWARE/CrossRider.Gen7
53.57%

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
53.57%

ESET NOD32
Win32/Toolbar.CrossRider.CN potentially unwanted (variant), Win32/Toolbar.CrossRider.CT potentially unwanted (variant)
50.00%

VIPRE Antivirus
Crossrider
39.29%

AhnLab V3 Security
PUP/Win32.CrossRider
39.29%

Panda Antivirus
Trj/Genetic.gen
39.29%

Kaspersky
HEUR:Trojan-Downloader.Win32.Generic
35.71%

AVG
Win32/DH{gRJlfRMDICIlV04}
35.71%

1 / 68      (PUP)
496.exe  (92f707123339d5a93d86fcd8e52eabb3)

1 / 68      (PUP)
5807.exe  (3c350357d121d6e50e254207dfd94455)

1 / 68      (PUP)
feccc3d8-649-4d9e-b751-11dffcad6b0.exe  (995f4f6859e3d8d9a4d045440ae0c913)

1 / 68      (PUP)
utility.exe  (884f3f30772b04bdef2313838a2c7f23)

1 / 68      (PUP)
utility.exe  (1d94359e833957de7930acc54d30b879)

1 / 68      (PUP)
838.exe  (09e4942635f3bba7b5c50fc52563b4fd)

1 / 68      (PUP)
utility.exe  (f22583cb1368f24514ad6267d1982877)

1 / 68      (PUP)
9311.exe  (4912cfebd54e69cb94875983bca1c9d0)

1 / 68      (PUP)
16ab667d-ce22-489f-a890-e2ef6b95528f.exe  (b24079ef0d4a29d5efa9124eb7aee43a)

12 / 68    (PUP)
6999.exe  (6395cbbe664968fe125b488cc955d918)

8 / 68      (PUP)
b8100c4f-66cf-4d3b-ac43-5853dbed492.exe  (52ed5e4682625e684873277dba50a75e)

8 / 68      (PUP)
7188.exe  (6fc0dde5f535e6cf6e707c80a6dc3af1)

7 / 68      (PUP)
utility.exe  (a6e78f5204f70c33ca7b37a1e40046a2)

12 / 68    (PUP)
5108.exe  (39a0017d8b980156a5522018f45a451a)

7 / 68      (PUP)
utility.exe  (b57d60cd390792dc0650178631380918)

14 / 68    (PUP)
2e4c54ff-cc9b-42ac-878-6e499077d9e9.exe  (1779c9ca09615bf63199c1c771464373)

10 / 68    (PUP)
1066.exe  (18fbab1803a900c10d5b31507f150edd)

10 / 68    (PUP)
3910.exe  (62391bc3dde48270904c98a2d8b0ad17)

1 / 68      (Malware)
7599.exe  (0bb69a136d92d6800a48f491f37b921f)

10 / 68    (PUP)
2186.exe  (656684622d71b195a7c7dd7fab884c5a)

1 / 68      (Malware)
nsk4658.tmp  (3610a89eab3d560dd2e920b78c86518d)

1 / 68      (Malware)
setup.exe  (1b5f0c64b9ff2affb4063bf262746491)

11 / 68    (PUP)
utility.exe  (e55e7251ef930d6cff55d40b373a6743)

9 / 68      (PUP)
utility.exe  (1ad3cd04b9e3321e624f9eb0f954223c)

11 / 68    (PUP)
2376.exe  (0ef6d231a6b80eb195d341d1ae91e259)

8 / 68      (PUP)
2799.exe  (425054d7a93763a5f9cdeec608b3e3ca)

1 / 68      (Malware)
6591.exe  (0b7d73aed1315268d20ad6b88e9e7a42)

11 / 68    (PUP)
mini_installer.exe  (2cbc2228187071335a76a8ae10b3db88)

Downloads URLs for files signed by York New Labs (Extreme White Limited).

8 / 68      (PUP)
http://download.ewebdomrec.com/crcb/107/.../installer.exe  (425054d7a93763a5f9cdeec608b3e3ca)

1 / 68      (Malware)
http://dl.ourstaticdatastorage.com/69/all/cp/.../setup.exe  (1b5f0c64b9ff2affb4063bf262746491)

9 / 68      (PUP)
http://download.rgbdomsrv.com/crcb/107/.../installer.exe  (1ad3cd04b9e3321e624f9eb0f954223c)

10 / 68    (PUP)
http://dl.ourstaticdatastorage.com/69/all/cp/.../setup.exe  (656684622d71b195a7c7dd7fab884c5a)

8 / 68      (PUP)
http://download.rgbdomsrv.com/crcb/107/.../installer.exe  (425054d7a93763a5f9cdeec608b3e3ca)

11 / 68    (PUP)
http://download.rgbdomsrv.com/crcb/107/.../installer.exe  (e55e7251ef930d6cff55d40b373a6743)

11 / 68    (PUP)
http://download.ewebdomrec.com/crcb/107/.../installer.exe  (e55e7251ef930d6cff55d40b373a6743)

8 / 68      (PUP)
http://download.ewebdomrec.com/69/all/cp/.../setup.exe  (6fc0dde5f535e6cf6e707c80a6dc3af1)

7 / 68      (PUP)
http://dl.ourstaticdatastorage.com/69/all/cp/.../setup.exe  (b57d60cd390792dc0650178631380918)

10 / 68    (PUP)
http://dl.ourstaticdatastorage.com/69/all/cp/.../setup.exe  (62391bc3dde48270904c98a2d8b0ad17)

10 / 68    (PUP)
http://dl.ourstaticdatastorage.com/69/all/cp/.../setup.exe  (18fbab1803a900c10d5b31507f150edd)

9 / 68      (PUP)
http://download.ewebdomrec.com/crcb/107/.../installer.exe  (1ad3cd04b9e3321e624f9eb0f954223c)

The following websites host and distribute files published by York New Labs (Extreme White Limited).

download.rgbdomsrv.com

download.ewebdomrec.com

dl.ourstaticdatastorage.com

The following publishers (by Authenticode signature organization name) are related.

City Center Games (Extreme White Limited)

Digit Network (Extreme White Limited)

NightWish Center (Bright Circle Investments Ltd)

Oral Teams (Extreme White Limited)

You Two Lab (Extreme White Limited)

Web Bar Media

ClientConnect LTD

Baggio Technologies (BrightCircle Investments Limited)

think-cell Software GmbH

Site on Spot Limited

Performix LLC

Clash Project (Bright Circle Investments Ltd)

* Note, the details and description above are based on the code signing digital signature issued to York New Labs (Extreme White Limited) by COMODO CA Limited on April 15, 2015 with the serial number '00927773ae2a990e6beb7e5455470bef66'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.