home

direCt DOwnlOAd GtT

Publisher Information

direCt DOwnlOAd GtT is a software developer located in Dublin, Ireland*. The company is a primary distributor of unwanted software. Thre are 23 additional code signing certificates issued to this publisher.
Authority:
thawte, Inc.

Valid from:
5/25/2015 9:00:00 PM

Valid to:
1/28/2016 12:59:59 AM

Subject:
CN=direCt DOwnlOAd GtT, O=direCt DOwnlOAd GtT, L=Dublin, S=Dublin, C=IE

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
402dc3366fe833c28f761ae7f9333aff

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Outbrowse.Bundler, PUP.Outbrowse.direCtDOwnlOAdGtT.Bundler (M), PUP.Outbrowse.direCtDO.Bundler (M), PUP.Outbrowse.direCtDO (M), PUP.Outbrowse (M)
100.00%

McAfee
Artemis!0D756A240716, Adware-OutBrowse.g
7.89%

K7 AntiVirus
Unwanted-Program
7.89%

ESET NOD32
Win32/OutBrowse.CE potentially unwanted application
7.89%

Trend Micro House Call
Suspici.8A1EF39C
7.89%

Fortinet FortiGate
Riskware/OutBrowse
7.89%

AVG
Downloader
7.89%

avast!
Malware-gen
5.26%

Dr.Web
Trojan.OutBrowse.716
5.26%

VIPRE Antivirus
Threat.4150696
5.26%

1 / 68      (Adware)
setup.exe (PYGCZ)  (2ebd18bd03572aa9383ffc1cbe05561e)

1 / 68      (Adware)
setup.exe (KGRFZ)  (1293afc50ad7ad1dbb64b05b9192d2a5)

1 / 68      (Adware)
setup.exe (VCRKL)  (9ff803a5a1eeb0554db23d979bbca288)

1 / 68      (Adware)
setup.exe (NPNAU)  (3ac96553c8f33b622b6d92e8dfb4282c)

1 / 68      (Adware)
Setup.exe (TOMSJ)  (f5b64d50aadfb360e8e47ab006c5149f)

1 / 68      (Adware)
Setup.exe (NXOWM)  (ca94c8d197d2394d4d69018f80a6e939)

1 / 68      (Adware)
Setup.exe (IFEZU)  (0d661abce349714f998bcda93b626ee4)

1 / 68      (Adware)
f_000110 (UARAV)  (cbf09f5ff7d2192d7d8c9bc7f74f6d7a)

1 / 68      (Adware)
1432927956 (UTHCA)  (cf92cb319ecc5448304ff10072767b32)

1 / 68      (Adware)
setup.exe (BGBPS)  (3818300690b8bfd8b99ceb59afaf5476)

1 / 68      (Adware)
skype 7.5.0.101.mazika2day.com.rar.exe (TUXMI)  (025f7247d4840be5d17f494d07997eb8)

1 / 68      (Adware)
setup.exe (GYNXX)  (5f8acf588778e0c3c54f3ee114f53ffd)

1 / 68      (Adware)
setup.exe (PNIZE)  (17e220f791baef7544ddaeab4f58791e)

1 / 68      (Adware)
setup.exe (IZMYG)  (0efe79d471b112fe46aa2ef8701cd95e)

1 / 68      (Adware)
bedcjbbhci.exe  (4e8c35e985fb0b5820c9c50100abe993)

1 / 68      (Adware)
setup.exe (OHRHT)  (684706cd5907af75c758567771605464)

1 / 68      (Adware)
setup.exe (ERWGT)  (b04627c916b25f3d890bc67b1b806bb1)

1 / 68      (Adware)
bedchejhci.exe  (a766218e27a05ba7e2ff45b044dea5b5)

1 / 68      (Adware)
setup.exe (BCTET)  (cd2ee8a8733cee164694abd285ce574c)

1 / 68      (Adware)
setup.exe (TYGBW)  (d2d1deb3ffe005dc992ae1622c0ea16b)

1 / 68      (Adware)
setup.exe (WCHYR)  (1c69112f1b9de4a3655fe75927bbcc60)

1 / 68      (Adware)
Setup.exe (HKGYP)  (9023243b950209f2bac0273c63a3a5e4)

1 / 68      (Adware)
setup.exe (UXRHW)  (1671bd87df6051723b4ff8a7299e5f02)

1 / 68      (Adware)
setup.exe (TWYER)  (03409fe45d3a006feeecd256222626d6)

1 / 68      (Adware)
setup.exe (OALHK)  (a7890f6b5e27517bb12846e6fce59e75)

1 / 68      (Adware)
setup.exe (QIGZU)  (8318786683a1e4741bde9cf7a8b3bb3c)

1 / 68      (Adware)
non confirmé 754724.crdownload (PSAAN)  (bd5202014309ccc06de0fc866f843274)

1 / 68      (Adware)
non confirmé 268755.crdownload (UOENV)  (f5643878eb5b917180d3e254539ec4bc)

1 / 68      (Adware)
setup.exe (EJEYB)  (3e470a0ad1e52b8a7308fb0f94628fa3)

1 / 68      (Adware)
bedcjccfci.exe  (cd246c80561e0f7135c7bba5ac28478a)

 
Latest 30 of 38 files

Downloads URLs for files signed by direCt DOwnlOAd GtT.

1 / 68      (Adware)
http://dl.file17desktop.com/1432923493/1432923493/.../YWtdXEBtd2praFpcZGorYXZlImNyZ1lsYWBqX21hPD9iZGQdLyxCb3NtZWhZY11vImRpaGRnWmVkNVBhcnVsJWJcZ201MyJ4aWw8KQ  (setup.exe)

1 / 68      (Adware)
http://dl.file17desktop.com/.../1432930919/1432930919?60724717419YWVtNC04bzYtMicxMx9iOSo3LjIyHWY9LDEuLiVnOS8dXjE2TFFGQT5OJVpmaVxpZV08Sy4wJy9sPXRWbiViX25lNzYfeGVpPCk  (setup.exe)

1 / 68      (Adware)
https://djtkh1hova1ix.cloudfront.net/download/.../9z1xd4xyty2  (setup.exe)

The following websites host and distribute files published by direCt DOwnlOAd GtT.

djtkh1hova1ix.cloudfront.net

The certificates below are also signed by direCt DOwnlOAd GtT.

5239457324F8D76BE6CBA57F9A47F25B  (May 31, 2015 to Jan 28, 2016)

5AD82B1C11F647351A73090139F91D81  (Apr 30, 2015 to Jan 28, 2016)

5193C4BEDB4925320C19474395FF135C  (Mar 08, 2015 to Jan 28, 2016)

1368B5662E01BF764D0663326565A2F0  (Feb 05, 2015 to Jan 28, 2016)

053817B5982C2650C0EF31CA44F4C354  (Apr 21, 2015 to Jan 28, 2016)

0AD81318E83A71271977E435C3D52212  (Feb 17, 2015 to Jan 28, 2016)

383ED0690A14144518602859BF40B55B  (Jun 11, 2015 to Jan 28, 2016)

407F799018DF57747C6383AE34BFE253  (Apr 26, 2015 to Jan 28, 2016)

437F22B992D6BC792B0BAE598B2BBE19  (Feb 01, 2015 to Jan 28, 2016)

7342EAF858BF782F04515916D1671EC3  (Nov 16, 2015 to Jan 28, 2016)

10 of 23 code signing certificates issued

The following publishers (by Authenticode signature organization name) are related.

Direct download gtt

Bon Don Jov

Direct Download GTt

Trusted apps DDD

Trusted download TYY

Trusted apps DDd

diRECt DowNlOad gtT

Start Now

MARi MarA

apps Market AbC

AppS MarKet ABC

DIrEct DowNload gTt

Verified soFtWaRE SNB

JUST accept

appS MArkeT ABc

SaFe SoftwaRe sLL

FASt download got

DAily apps forfor

ApPs MarKeT ABC

OToPia SOFt

CLick trust opt

SafE DownLoAd gtl

BEst iNstalL tLl

staRT PlAyIng

otOPia sofT

BEst iNsTaLL TLl

APPs MARket aBC

aPps MaRket ABc

SAFe store btw

yeS Apps

30 of 30 publishers

* Note, the details and description above are based on the code signing digital signature issued to direCt DOwnlOAd GtT by thawte, Inc. on May 25, 2015 with the serial number '402dc3366fe833c28f761ae7f9333aff'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.