Dinosaur

Publisher Information

Dinosaur is a software publisher located in Cali, Pandora in the Netherlands*. There is one additional code signing certificate issued to this publisher.

Authority: getaCert - www.getacert.com
Valid from: 4/1/2015 11:58:13 PM
Valid to: 5/31/2015 11:58:13 PM
Subject: E=LOL@run.away, CN=Melaldon, OU=Carnivore, O=Dinosaur, L=Cali, S=Pandora, C=NL
Issuer: O=getaCert - www.getacert.com, L=Seattle, S=Washington, C=US
Serial number: 0df6

Scanner detections:
Malware distribution (94% detected)

| Scan engine | Details | Detections |
| --- | --- | --- |
| Emsisoft Anti-Malware | Trojan.GenericKDZ.27648, Trojan.Generic.13128564, Trojan.GenericKD.2277693, Trojan.GenericKD.2270178, Trojan.GenericKDZ.27682 | 100.00% |
| MicroWorld eScan | Trojan.GenericKDZ.27648, Trojan.Generic.13128564, Trojan.GenericKD.2277693, Trojan.GenericKD.2270178, Trojan.GenericKDZ.27682, Trojan.Generic.13122047, Trojan.Generic.15162749 | 86.67% |
| nProtect | Trojan.GenericKDZ.27648, Trojan.Generic.13128564, Trojan.GenericKD.2277693, Trojan.GenericKD.2270178, Trojan/W32.Agent.519696 | 86.67% |
| ESET NOD32 | Win32/TrojanDownloader.Banload.SJG, MSIL/Injector.IZQ (variant), Win32/TrojanDownloader.Banload.VSA, MSIL/Kryptik.BPM (variant) | 86.67% |
| avast! | Win32:Broban-AR [Trj], Win32:Malware-gen | 86.67% |
| Bitdefender | Trojan.GenericKDZ.27648, Trojan.Generic.13128564, Trojan.GenericKD.2277693, Trojan.GenericKD.2270178, Trojan.GenericKDZ.27682 | 86.67% |
| Lavasoft Ad-Aware | Trojan.GenericKDZ.27648, Trojan.Generic.13128564, Trojan.GenericKD.2277693, Trojan.GenericKD.2270178, Trojan.GenericKDZ.27682 | 86.67% |
| G Data | Trojan.GenericKDZ.27648, Trojan.Generic.13128564, Trojan.GenericKD.2277693, Trojan.GenericKD.2270178, Trojan.GenericKDZ.27682 | 86.67% |
| Fortinet FortiGate | MSIL/Banload.SJG!tr, MSIL/Injector.IXP!tr, W32/Banload.SJG!tr.dldr, MSIL/IXP!tr, MSIL/Injector.IZQ!tr, MSIL/Kryptik.BPM!tr | 86.67% |
| AVG | PSW.MSIL, Generic, MSIL7, Downloader.Banload2, Downloader.MSIL | 86.67% |

Download URLs for files signed by Dinosaur.

37 / 68    (Malware)
https://storage.googleapis.com/.../InnaComponentes.exe  (cb92124345898b9f5be6b0130260c084)

16 / 68    (Malware)
http://goo.gl/TsomOX  (screenshot.png .exe)

32 / 68    (Malware)
https://storage.googleapis.com/.../CopiaCheques.exe  (8158fbefc24c9897179429262370938b)

35 / 68    (Malware)

The following websites host and distribute files published by Dinosaur.

The following certificate is also signed by Dinosaur.

0CF5  (Mar 15, 2015 to May 14, 2015)

The following publishers (by Authenticode signature organization name) are related.

30 of 71 publishers

* Note, the details and description above are based on the code signing digital signature issued to Dinosaur by getaCert - www.getacert.com on April 01, 2015 with the serial number '0df6'.