» Direct DoWnloaD gTt
Digital Signature
Analysis
Files (28)
Downloads (3)
Distribution (1)
Related (30)

Direct DoWnloaD gTt

Publisher Information

Direct DoWnloaD gTt is a software developer located in Dublin, Ireland*. The company is a primary distributor of unwanted software. Thre are 23 additional code signing certificates issued to this publisher.

Authority:

thawte, Inc.

Valid from:

6/4/2015 2:00:00 AM

Valid to:

1/27/2016 3:59:59 PM

Subject:

CN=Direct DoWnloaD gTt, O=Direct DoWnloaD gTt, L=Dublin, S=Dublin, C=IE

Issuer:

CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:

1a9527b3080b7a2460b95f1fdb83360e

Scanner detections:

Detections (100% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.Outbrowse.Bundler, PUP.Outbrowse.DirectDoWnloaDgTt.Bundler (M), PUP.Outbrowse.DirectDo.Bundler (M), PUP.Outbrowse (M)

100.00%

AVG

Downloader

10.71%

VIPRE Antivirus

Threat.4784459, Threat.4150696

7.14%

ESET NOD32

Win32/OutBrowse.CE potentially unwanted application

7.14%

McAfee

Program.Adware-OutBrowse.g

7.14%

K7 AntiVirus

Unwanted-Program

7.14%

Trend Micro House Call

Suspici.CD691FD1

7.14%

ESET NOD32

Win32/OutBrowse.BZ potentially unwanted (variant)

3.57%

Avira AntiVirus

PUA/Outbrowse.Gen

3.57%

G Data

Win32.Adware.Outbrowse

3.57%

1 / 68 (Adware)

setup.exe (BGVKJ) (f79c3104a27dcb1af6a4f31321c556a4)

1 / 68 (Adware)

setup.exe (XAQOM) (ea01e8852a63542de8f1e76fe031eb91)

1 / 68 (Adware)

setup.exe (IXBQA) (f5abe60c83601af2527ea19cd3549c05)

1 / 68 (Adware)

Setup.exe (TZSEU) (8e4f787e0c0715366943d61c71583fd6)

1 / 68 (Adware)

setup.exe (NHHUH) (1829ab84ab731489100fa13399265d6b)

1 / 68 (Adware)

setup.exe (NCTXW) (67c697f872eab716cb683db0f2f4a054)

1 / 68 (Adware)

ninja codes generator v2.12.exe (YGPTB) (b634f63386308ce8970b49e728c54086)

1 / 68 (Adware)

setup.exe (VFAHM) (e1ab33729963778bd01b0e6411e868d1)

1 / 68 (Adware)

setup.exe (NOLKK) (0e9f26726c01137c484980734f27112c)

1 / 68 (Adware)

setup.exe (YAQAT) (79b757b50479b83547969c5805c534ba)

1 / 68 (Adware)

high school story hack tool cheats free.exe (GDKWF) (596baa7197b4f5d94007547e554edeb3)

1 / 68 (Adware)

high school story hack tool cheats free.exe (GCWPV) (ef69fab98f652c16c93a0063e669e518)

1 / 68 (Adware)

high school story hack tool 2014 updated version no survey.exe (LHAEM) (68a959794dbf353410c87bf4dbdc7cf5)

1 / 68 (Adware)

high school story hack tool 2014 updated version no survey.exe (KSLBB) (19336e4c710958dc681636f2d8b9b33f)

1 / 68 (Adware)

setup.exe (CZAUC) (5ba46b8beffca1f269aafc413ad6fbcb)

1 / 68 (Adware)

setup.exe (REFPC) (bc28f4e6994f448eca539d90e093bf30)

1 / 68 (Adware)

beddhaabci.exe (bca6e26b57837d832ae8339e19042d52)

1 / 68 (Adware)

bar7mg.hama.3laab.rar.exe (LHINI) (ba082242c9f76fdff8cb9039e6b02931)

1 / 68 (Adware)

Setup.exe (UPIIB) (92f0706dc2ee865e8618699c9fbf0c33)

1 / 68 (Adware)

setup.exe (KGSQU) (3fbcbf290a020b07146ad5161af86c21)

1 / 68 (Adware)

setup.exe (DRUZB) (ec869cf97633f4c8d70f32125febb6cd)

1 / 68 (Adware)

Setup.exe (ZGIIF) (955ead635ff0be6eefbaeb6466a119a2)

1 / 68 (Adware)

setup.exe (XXHIP) (1e1431bc7350d03d984a5e920f7a23f9)

1 / 68 (Adware)

ninja codes generator v2.12.exe (LLZVR) (56f6e30026f2f3735c6984e980f84a86)

1 / 68 (Adware)

fantamorph deluxe 5.4.6.arabseed.com.rar.exe (OJMLN) (16b0141b61b5b846a96a5fffeb1618d5)

7 / 68 (Adware)

thea.render.1.3.06.1115.plus.plugins.exe (PMHUK) (701639a1f1de7cef61f1aa3c30c3d03f)

6 / 68 (Adware)

setup.exe (FUMAZ) (ad088c97e3b5b5e28d62671ef093abdb)

9 / 68 (Adware)

beddhbajci.exe (a8f3d23572bae05d1343b31f58a34c4b)

Downloads URLs for files signed by Direct DoWnloaD gTt.

1 / 68 (Adware)

http://get.0134c.info/.../1433713095/1433713095?54161111487YmFzMDA bzwxLys0ImM3MTU4MDUeZTguNSsxLyVtOSkfX3VtW2xoYm1dZV44SmhoaWAkMSw7aF9hch8xL0Zkal1rXHBubCQxL1UuJiotImVja2RtYGldNkllbWRgJDEvP2ddYG8kLC9GZG1halpva3EfMS9VMSopKyFPPEhobWlgISopPmtjX3IkMS9DXWdgbmBubnEkMSxOKyktMSBoYm5tOSoyIXZoajwv (ninja codes generator v2.12.exe)

1 / 68 (Adware)

http://get.0134c.info/.../1433710881/1433710881?38026640370ZF10NCs5bD0vMDc0HmQ7LC8zNS4fbDoqMzUzMSJuOiomYGRpYWVjYD0zMjQwLjYyMTItNDAsNy4oODMyIGVjbGc9LzEmeGNqOTA (setup.exe)

1 / 68 (Adware)

http://get.0134c.info/.../1433719636/1433719636?29171596033ZVxzLzA6ZzcxNC4yLyVdPC0qKjctI2o0MSsxMScgbjouJFt4Z2BoYF1uXmpjNE9LTj9MPVRcSz9ERB9vbWZedWBxbFhsXjxLSUlEUkBSVk06TEAdYGlpYmxYbF48PVhsN2pkLD9gZmApKmZhXl8saWBrJWRaaW46LzcdeWJvOCc (bar7mg.hama.3laab.rar.exe)

Distribution

The following websites host and distribute files published by Direct DoWnloaD gTt.

get.0134c.info

The certificates below are also signed by Direct DoWnloaD gTt.

5239457324F8D76BE6CBA57F9A47F25B (May 31, 2015 to Jan 28, 2016)

5AD82B1C11F647351A73090139F91D81 (Apr 30, 2015 to Jan 28, 2016)

5193C4BEDB4925320C19474395FF135C (Mar 08, 2015 to Jan 28, 2016)

1368B5662E01BF764D0663326565A2F0 (Feb 05, 2015 to Jan 28, 2016)

053817B5982C2650C0EF31CA44F4C354 (Apr 21, 2015 to Jan 28, 2016)

0AD81318E83A71271977E435C3D52212 (Feb 17, 2015 to Jan 28, 2016)

383ED0690A14144518602859BF40B55B (Jun 11, 2015 to Jan 28, 2016)

407F799018DF57747C6383AE34BFE253 (Apr 26, 2015 to Jan 28, 2016)

437F22B992D6BC792B0BAE598B2BBE19 (Feb 01, 2015 to Jan 28, 2016)

7342EAF858BF782F04515916D1671EC3 (Nov 16, 2015 to Jan 28, 2016)

10 of 23 code signing certificates issued

The following publishers (by Authenticode signature organization name) are related.

Verified soFtWaRE SNB

30 of 30 publishers

* Note, the details and description above are based on the code signing digital signature issued to Direct DoWnloaD gTt by thawte, Inc. on June 04, 2015 with the serial number '1a9527b3080b7a2460b95f1fdb83360e'.

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.