home

广西南宁市昇泰安电子商务发展有限公司

Publisher Information

广西南宁市昇泰安电子商务发展有限公司 is a software publisher located in Nanning, Guangxi in China*. There is one additional code signing certificate issued to this publisher.
Authority:
Thawte, Inc.

Valid from:
9/30/2013 8:00:00 AM

Valid to:
10/1/2015 7:59:59 AM

Subject:
CN=广西南宁市昇泰安电子商务发展有限公司, O=广西南宁市昇泰安电子商务发展有限公司, L=Nanning, S=Guangxi, C=CN

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
76dd278e092bf6ee580a121c8bf52d66

Scanner detections:
Malware distribution  (80% detected)

Scan engine
Details
Detections

Reason Heuristics
Threat.Win.Reputation.IMP
80.95%

ESET NOD32
Win32/WuJi (variant), Win32/WuJi.A potentially unwanted (variant), Win32/WuJi.K potentially unwanted (variant)
14.29%

Malwarebytes
Trojan.Spy.Zbot, PUP.Optional.MedCh, Adware.Chad
11.90%

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
11.90%

McAfee
PUP-FNT, Artemis!FEEEEC6AA566, Trojan-FENI!3AF5A7C6CFBF, Artemis!C1294E97EBDE
9.52%

Dr.Web
Trojan.DownLoader11.34098, Trojan.DownLoader11.4341, Trojan.Siggen6.29990, DLOADER.Trojan
9.52%

VIPRE Antivirus
Trojan.Win32.Generic
9.52%

G Data
Win32.Application.WuJi, Trojan.GenericKD.1788786, Win32.Trojan.Agent.CH27KX
9.52%

IKARUS anti.virus
PUA.WuJi
7.14%

Baidu Antivirus
PUA.Win32.WuJi
7.14%

1 / 68      (Malware)
setup_4671.exe  (cbb1fbff3671089b8c42c57a04888625)

1 / 68      (Malware)
setup_3394.exe (by sjg)  (fa6727a9c97022719d1dfbaccc19362e)

1 / 68      (Malware)
setup_622.exe  (256a53ced9c5b367c90994067a68156e)

1 / 68      (Malware)
高清版_4797.exe  (a5438602cc30aee7a43ecef5526ee31c)

1 / 68      (Malware)
setup_3394.exe (by sjg)  (12d0ecfafc5dca5b25de009b6eacc162)

12 / 68    (PUP)
setup_5033.exe  (c1294e97ebdede03e12fd30e3aeb3f8f)

1 / 68      (Malware)
setup_11.exe (by sjg)  (3ca27baa8bbf6dd5860146fcf8ca7ccf)

16 / 68    (Malware)
setup_4960.exe (by shengtan)  (3af5a7c6cfbffbf3cfa63330c514e2af)

1 / 68      (Malware)
setup_3394.exe (by Staian)  (18dc000337595081c16d94c0315438b1)

1 / 68      (Malware)
高清版_4763.exe  (665dcd1714427503fb423d81485e4333)

1 / 68      (Malware)
setup_3394.exe (by sjg)  (5d0ab31b1d4f3aa2566f21942891196c)

1 / 68      (Malware)
高清版_4797.exe  (8956a64d9344468c75c90a55e3652892)

1 / 68      (inconclusive)
setup_3386.exe (by Staian)  (f73ce64af16731a16c5ae78f6a144571)

1 / 68      (Malware)
setup_11.exe (by sjg)  (74aee08cbb4b1faa1e7c85064964869e)

1 / 68      (Malware)
setup_3394.exe (by Staian)  (f6814aa2acf98ae77c60d96035102506)

1 / 68      (inconclusive)
setup_3346.exe (by Staian)  (e00a95bd446f513a14eaec81bcc91c4f)

1 / 68      (Malware)
setup_3394.exe (by Staian)  (eb380a9de1cb745cf7aac85a92cc31bc)

1 / 68      (Malware)
qvod_4790.exe  (7bcf2a8cb3e9462ba13c620d9fd3b8cd)

0 / 68
Unins.exe (by sta)  (26435a24f46c703e4c473da33f542ea0)

1 / 68      (Malware)
setup_3394.exe (by sjg)  (1e36f17bb396c28a1e8734c170bea8a3)

1 / 68      (Malware)
setup_11.exe (by sjg)  (46e70590dd3c794aebd02d57cb9636c7)

1 / 68      (Malware)
setup_5120.exe  (6aed8aef29336ae6a5c50454324d6684)

0 / 68
wjfast2.exe  (2d78b860f3c60b61ecd2d617e9bb3430)

0 / 68
Unins.exe (by sta)  (08ce34f7877b1d2e78344b755713e6de)

0 / 68
playerupdate.exe  (f577870bf7c48eb3ee0816846d2d7f60)

0 / 68
duilib.dll  (ec1c8e76139d495eb6181542ceca00a3)

0 / 68
setup_3294.exe (by Staian)  (31d8317227429bc2ab921e7758e64ea6)

7 / 68      (Malware)
高清版_4797.exe (by shengtan)  (b18b2a46f66094246b3a6bd56880366d)

0 / 68
setup_3294.exe (by Staian)  (366904052d24699abc8ea83758b1a7de)

0 / 68
setup_11.exe (by Staian)  (9b7d14ccd5dcd305e70d9c961ac101f7)

 
Latest 30 of 977 files

Downloads URLs for files signed by 广西南宁市昇泰安电子商务发展有限公司.

1 / 68      (Malware)
http://download.wuji.com:6677/wuji/.../Qvod_4790.exe  (7bcf2a8cb3e9462ba13c620d9fd3b8cd)

1 / 68      (Malware)
http://www.baidu.com/cb.php?c=IgF_pyfqnHRzPWf3PHb0IZ0qnfK9ujYknWnsrj6v0Aw-5HDkrjf4njm0TAq15H61nWf1P0K15HRLPHcvm1nLrH-BuhNbuyn0uZfqnHfsrjT4rHRYn0KdThsqpZwYTjCEQvwEIv4_Uv7bQMIdphb8mvqVrWmvP1TEmhTEwv7VuNtdnH0LQhN3ufKzujYv0AFV5H00TZcqn0KdpyfqnHn4nHDYr0KEpyfqnHbLPWR0mv-b5Hn1PHnkr0KEIv3qnHb1nWm0mLFW5HDvPH64  (game_5107.exe)

The following certificate is also signed by 广西南宁市昇泰安电子商务发展有限公司.

5A022B6CB6468DDD825F2F3294E622BA  (Oct 22, 2014 to Oct 22, 2015)

* Note, the details and description above are based on the code signing digital signature issued to 广西南宁市昇泰安电子商务发展有限公司 by Thawte, Inc. on September 30, 2013 with the serial number '76dd278e092bf6ee580a121c8bf52d66'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.