home

Dragon Service

Publisher Information

Dragon Service is a software publisher located in Moscow, Russia*. Thre are 2 additional code signing certificates issued to this publisher.
Authority:
COMODO CA Limited

Valid from:
12/14/2016 3:00:00 AM

Valid to:
7/12/2017 2:59:59 AM

Subject:
CN=Dragon Service, O=Dragon Service, STREET="street of Zelenograd, 39", L=Moscow, S=Moscow, PostalCode=125475, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
7042728fb144cddf5d1185ca790b88dd

Scanner detections:
Malware distribution  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP (M)
100.00%

ESET NOD32
Win32/Kryptik.FMLG trojan
3.45%

1 / 68      (Malware)
21f1.tmp.exe  (00f63a0928d9f32ca731e741ef7d218c)

1 / 68      (Malware)
f0bf.tmp.exe  (605c7c9a305cdb2e9d1a6ab2058cbe0e)

1 / 68      (Malware)
svshost_upgrade.exe  (f34646e7cd4f1e22332da40881b19d1b)

1 / 68      (Malware)
5a03.tmp.exe  (0047d1a8a92d66b3f902ab82be4f97ab)

1 / 68      (Malware)
27f.tmp.exe  (868b0f2af13592a00694b37fb119465d)

1 / 68      (Malware)
508f.tmp.exe  (ba95cce53e0d1e401eb52cad5d5f100a)

1 / 68      (Malware)
filesystemdriver.exe  (c99784f6dea80fe29272a6dae760e2ca)

1 / 68      (Malware)
3a03.tmp.exe  (b5297d3e03df2ff8ec36b295f52cd464)

1 / 68      (Malware)
startpm.exe  (5c88e16d17da18ad080a91df1ab6fb1f)

1 / 68      (Malware)
powermonitor.exe  (337e6cfa9649b1f3f3b061edc0cd8db9)

1 / 68      (Malware)
powermonitor.exe  (337e6cfa9649b1f3f3b061edc0cd8db9)

1 / 68      (Malware)
sysnet.exe  (b83a8f23234428cd705fcba3e218b121)

1 / 68      (Malware)
sysnet.exe  (b83a8f23234428cd705fcba3e218b121)

1 / 68      (Malware)
kiric9owdrk7.exe  (560df4c7d183ae44629748f6dc77265a)

1 / 68      (Malware)
60ca.tmp.exe  (337e6cfa9649b1f3f3b061edc0cd8db9)

1 / 68      (Malware)
qdujcoh6dwhx.exe  (1babfae496bcf84e86001617b180bef3)

1 / 68      (Malware)
powermonitor.exe  (01de78c45468bcfc97c9a9a1b5ef8b63)

2 / 68      (Malware)
b.tmp.exe  (091ee4bbe0fb2948ff47d645457b615c)

1 / 68      (Malware)
scriptwriter.exe  (0ccffe0eb3a62a0d8c7a5bfd43f4405f)

1 / 68      (Malware)
sysnet.exe  (10d4ecd3e2ea874ee2fea0034cbdf03c)

1 / 68      (Malware)
filesystemdriver.exe  (c2cd1c719e4fad14b5196bdef44360a3)

1 / 68      (Malware)
syslog.exe  (ea06b63a26fd3842a7ab2e14e948ecbe)

1 / 68      (Malware)
e.exe  (605c7c9a305cdb2e9d1a6ab2058cbe0e)

1 / 68      (Malware)
filesystemdriver.exe  (605c7c9a305cdb2e9d1a6ab2058cbe0e)

2 / 68      (Malware)
svshost.exe  (fb72af9796cd8f68bf74711195b46761)

1 / 68      (Malware)
filesystemdriver.exe  (2579798bc1af965ea3f8df738dfc11f2)

1 / 68      (Malware)
syslog_upgrade.exe  (6ed4a360dab220be874e6e6f8874b77b)

1 / 68      (Malware)
syslog_upgrade.exe  (6ed4a360dab220be874e6e6f8874b77b)

1 / 68      (Malware)
comdev.exe  (6ed4a360dab220be874e6e6f8874b77b)

The certificates below are also signed by Dragon Service.

0F8AB2E17CD7C38F0A414500678E65  (Nov 02, 2016 to Jul 12, 2017)

00A6779A3F190265247A97BACBB2FD05D7  (Jul 11, 2016 to Jul 12, 2017)

* Note, the details and description above are based on the code signing digital signature issued to Dragon Service by COMODO CA Limited on December 14, 2016 with the serial number '7042728fb144cddf5d1185ca790b88dd'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.