冻冻 贾

Publisher Information

冻冻 贾 is a software publisher located in 新乡市, China*.

Authority: Thawte, Inc.
Valid from: 7/14/2014 8:00:00 AM
Valid to: 7/14/2016 7:59:59 AM
Subject: CN=冻冻 贾, OU=Individual Developer, O=No Organization Affiliation, L=河南省, S=新乡市, C=CN
Issuer: CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US
Serial number: 4501f7f248e5bee62a5eefd9fa349eb4
Status: Inconclusive detections from multiple engines

| Scan engine | Details | Detections |
|---|---|---|
| Trend Micro House Call | Suspicious_GEN.F47V1112, Suspicious_GEN.F47V1111, Suspici.5C7004B2 | 42.86% |
| Vba32 AntiVirus | suspected of Trojan.Downloader.gen.h | 42.86% |
| McAfee | Artemis!EB8776CD0C14, Artemis!88FFFDBF00B3 | 28.57% |
| avast! | Win32:Ramnit-CY, Win32:Malware-gen | 28.57% |
| ESET NOD32 | Win32/RiskWare.YouXun (variant) | 28.57% |
| K7 AntiVirus | Riskware | 14.29% |
| Total Defense | Win32/Tnega.dSPHYGC | 14.29% |
| VIPRE Antivirus | Trojan.Win32.Generic | 14.29% |
| IKARUS anti.virus | Win32.Ramnit | 14.29% |
| AVG | Win32/Ramnit.A | 14.29% |


Download URLs for files signed by 冻冻 贾.


The following websites host and distribute files published by 冻冻 贾.

The following publishers (by Authenticode signature organization name) are related.

* Note, the details and description above are based on the code signing digital signature issued to 冻冻 贾 by Thawte, Inc. on July 14, 2014 with the serial number '4501f7f248e5bee62a5eefd9fa349eb4'.