Duuqu Group OU
Publisher Information
Duuqu Group OU is a software publisher located in Tallinn, Harju in Estonia*. The company is a primary distributor of unwanted software.
Valid from:
8/9/2012 2:00:00 AM
Valid to:
8/10/2014 1:59:59 AM
Subject:
CN=Duuqu Group OU, O=Duuqu Group OU, L=Tallinn, S=Harju, C=EE
Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US
Serial number:
162e253d4cb8942d57dc084a3456ba93
Scanner detections:
Detections (100% detected)
Scan engine
Details
Detections
Reason Heuristics
PUP.Service.DuuquGroupOU.L, PUP.ChromePlugin.DuuquGroupOU.O, PUP.Installer.DuuquGroupOU.Q, PUP.DuuquGroupOU.N, PUP.DuuquGroupOU.R, PUP.DuuquGroupOU.T, PUP.DuuquGroupOU.O, PUP.DuuquGroupOU.J, PUP.DuuquGroupOU.G, PUP.DuuquGroupOU.U, Threat.Installer.DuuquGroupOU, PUP.DuuquGroupOU (M), PUP.DuuquGro.Installer (M), PUP.DuuquGro (M), PUP (M)
100.00%
Dr.Web
Trojan.DownLoad3.25843
6.00%
Avira AntiVirus
APPL/Maxiget.P
4.00%
Comodo Security
Heur.Suspicious
4.00%
herdProtect (fuzzy)
a variant of 75dc72a7bac94ad0317ff7f9a90fc13eac3488ed
4.00%
Trend Micro House Call
TROJ_GEN.F47V0801
4.00%
Rising Antivirus
PE:Trojan.GenericKDV!6.B5C
2.00%
AegisLab AV Signature
Troj.W32.Gen
2.00%
Downloads URLs for files signed by Duuqu Group OU.
Distribution
The following websites host and distribute files published by Duuqu Group OU.
The following publishers (by Authenticode signature organization name) are related.
* Note, the details and description above are based on the code signing digital signature issued to Duuqu Group OU by Thawte, Inc. on August 09, 2012 with the serial number '162e253d4cb8942d57dc084a3456ba93'.