home

E GONCALVES DE SOUSA - ME

Publisher Information

E GONCALVES DE SOUSA - ME is a software developer located in Palmas, Tocantins in Brazil*. A majority of the programs developed by the company can be classified as adware or other potentially unwanted programs. Thre are 7 additional code signing certificates issued to this publisher.
Authority:
GlobalSign nv-sa

Valid from:
11/20/2015 3:28:15 PM

Valid to:
11/20/2016 3:28:15 PM

Subject:
CN=E GONCALVES DE SOUSA - ME, OU=Production, O=E GONCALVES DE SOUSA - ME, STREET="Q 605 Norte, Alameda 05, Qi 04 Lt 28 Plano Diretor Norte", L=Palmas, S=Tocantins, C=BR, OID.1.3.6.1.4.1.311.60.2.1.3=BR, SERIALNUMBER=15.487.837/0001-84, OID.2.5.4.15=Private Organization

Issuer:
CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11211020abcd69cc5e8760adff9dc0716adc

Scanner detections:
Detections  (91% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.EGONCALVESDESOUSAME.Installer (M), PUP.EGONCALVESDESOUSAME (M), Threat.Win.Reputation.IMP, PUP.EGONCALV.Installer (M), PUP.EGONCALV (M), PUP (M)
87.88%

Emsisoft Anti-Malware
Gen:Variant.Symmi.58103, Gen:Variant.Graftor.241447
18.18%

Lavasoft Ad-Aware
Gen:Variant.Symmi.58103, Gen:Variant.Graftor.241447
18.18%

Norman
Gen:Variant.Symmi.58103, Gen:Variant.Graftor.241447
18.18%

VIPRE Antivirus
Threat.4786018, Threat.5063361
18.18%

F-Secure
Gen:Heur.MSIL.Androm.3, Gen:Variant.Symmi.58103
12.12%

ESET NOD32
Win32/Spy.Banker.ACPJ trojan
9.09%

Avira AntiVirus
TR/ATRAPS.Gen, W32/Virut.Gen
6.06%

1 / 68      (Malware)
rohs.dll (Bluetooth Software)  (d469c3fec5c9f2cf17b7385cb07cbfd3)

1 / 68      (Malware)
rohs.dll (Bluetooth Software)  (1e2f25b0b8044c72b37bcdc08719c6c5)

1 / 68      (Malware)
rohs.dll (Bluetooth Software)  (54eea07c48401799847c4f54424730d0)

1 / 68      (PUP)
rohs.dll (Bluetooth Software)  (5e20725cc1c2f3c2fad9e91f91521ae1)

1 / 68      (PUP)
rohs.dll (Bluetooth Software)  (c4e2edc5d74ee220d2deb3f1150a2292)

1 / 68      (PUP)
java_install.exe (Java 8.66 by Oracle)  (19047d6d25b5d1eae93959f82c13a130)

1 / 68      (PUP)
shed.exe  (7af0fd71aac8868c9d75f72a1936a76d)

5 / 68      (PUP)
java_install.exe (Java 8.66 by Oracle)  (ff96915f3e5413b92981d2342dd6b9af)

5 / 68      (PUP)
java_install.exe (Java 8.66 by Oracle)  (0437c1aa122240ea4b7531a7c8ca21a6)

5 / 68
rohs.dll (Bluetooth Software)  (899611a882cce42700261ec12b2b7f6a)

1 / 68      (PUP)
java_install.exe (Java 8.66 by Oracle)  (0d37edb7f93a246b2aa60eb3969cbcc2)

5 / 68
rohs.dll (Bluetooth Software)  (1a7fed3cc5b985faeee7fcc1f1f3afec)

2 / 68      (PUP)
java_install.exe (Java 8.66 by Oracle)  (56370704a37810573b9b3b87c381cea5)

2 / 68      (PUP)
não confirmado 946354.crdownload (Java 8.66 by Oracle)  (9ca77bad7f532fb00116fb052495bb24)

1 / 68      (Malware)
shed.exe  (03bf00321f5495df23967441f39a0fb5)

2 / 68      (PUP)
java_setup.exe (Java 8.66 by Oracle)  (321cb7b0b461aae50c5e4c1f6a07b534)

2 / 68      (PUP)
shed.exe  (9e7f0dc0f3947bde6508534ca2e0edb4)

1 / 68      (PUP)
shed.exe  (73520350c3cf127a0c76544321913c15)

1 / 68      (PUP)
shed.exe  (9d301912f71994256a57327f739fc31f)

2 / 68      (PUP)
shed.exe  (60ea7e2c53335dfe81445dc95d090e2f)

1 / 68      (Malware)
shed.exe  (3f442f8bdafe2b3ca195dbf9c0daad30)

3 / 68      (inconclusive)
java_install.exe (Java 8.66 by Oracle)  (3e347eee4c5070435a3652b51c53565c)

1 / 68      (PUP)
shed.exe  (f32abaca35dc23d853b15cf67e41d31c)

1 / 68      (PUP)
java_installer.exe (Java 8.66 by Oracle)  (f9b3a166cce2e9169a32049a4c69ec35)

1 / 68      (PUP)
java_install.exe (Java 8.66 by Oracle)  (0534eb955a3debf7fcb56038415141fe)

5 / 68      (Malware)
rohs.dll (Bluetooth Software)  (b9f308e02a39452915ae538eee7d79d1)

2 / 68      (PUP)
shed.exe  (d583c4b73562d5410669191ada8f7274)

1 / 68      (PUP)
shed.exe  (465dc269c9d9d927b2aa3b309af5383b)

1 / 68      (PUP)
shed.exe  (b9647e839a401660ae2db4394b87b1ab)

1 / 68      (PUP)
java_install.exe (Java 8.66 by Oracle)  (99b3e37edcd063e75d33cbf55268ffa7)

 
Latest 30 of 33 files

Downloads URLs for files signed by E GONCALVES DE SOUSA - ME.

3 / 68      (inconclusive)
http://java-installer-download.beepworld.de/.../download?f=java_install.exe  (3e347eee4c5070435a3652b51c53565c)

5 / 68      (PUP)
https://raw.githubusercontent.com/DFA63B0F-105D-4892-80B1-C6550A4EB7DA/C6550A4EB7DA/.../Java_Install.exe  (0437c1aa122240ea4b7531a7c8ca21a6)

5 / 68      (PUP)
http://autopeservicos.com/.../Java_Install.exe  (ff96915f3e5413b92981d2342dd6b9af)

5 / 68      (PUP)
https://raw.githubusercontent.com/C838750E-28FB-4E52-9E8C-23C308E89D55/ABCD771F-F64A-4C06-89C8-322F37DE4322/.../Java_Install.exe  (ff96915f3e5413b92981d2342dd6b9af)

1 / 68      (PUP)
https://raw.githubusercontent.com/1A778C44-B24E-47D2-9E93-3E9D1A8F6B4A/3E9D1A8F6B4A/.../Java_Install.exe  (9cfd3fa4e4a933347efd4dec0bf59872)

1 / 68      (PUP)
https://raw.githubusercontent.com/0E31F909-7B0A-42B0-9251-6EFF399AD5FD/D5BE33B94F1F/.../Java_Install.exe  (0534eb955a3debf7fcb56038415141fe)

1 / 68      (PUP)
https://raw.githubusercontent.com/51F39C4E-0C19-468E-B6C5-8E00887DA06B/8E00887DA/.../Java_Install.exe  (b88dffd8072a7f87465975b2674cd098)

1 / 68      (PUP)
http://java-installer-download.beepworld.de/.../download?f=java_installer.exe  (f9b3a166cce2e9169a32049a4c69ec35)

1 / 68      (PUP)
http://java-installer-download.beepworld.de/.../download?f=java_install.exe  (0534eb955a3debf7fcb56038415141fe)

The following websites host and distribute files published by E GONCALVES DE SOUSA - ME.

autopeservicos.com

java-installer-download.beepworld.de

raw.githubusercontent.com

The certificates below are also signed by E GONCALVES DE SOUSA - ME.

11210668E3B631FFEC095024DCDE98FD9D70  (Jan 23, 2016 to Nov 20, 2016)

112113E5F8563D4AD13BDCD57160339405E0  (Jan 07, 2016 to Nov 20, 2016)

11214070302054D0121AD1969994A5D56E32  (May 16, 2016 to Nov 20, 2016)

11215E0C6C5C7E6503A3A93530407E4ABEC2  (Jan 15, 2016 to Nov 20, 2016)

11217382E7FB28CC1D82E9B30A55E06C6A9E  (Apr 11, 2016 to Nov 20, 2016)

11219017731838557677944CA90799E3259C  (Jan 20, 2016 to Nov 20, 2016)

0DD635AFE67D5EAC4A35E931  (Aug 02, 2016 to Nov 20, 2016)

The following publishers (by Authenticode signature organization name) are related.

Vistumbler.net

Hostplanet Ltd

Brave New Software Project, Inc.

CONSTRUTORA NOVO PARQUE LTDA - ME

Brave New Software Project, Inc

Prolific Technology Inc.

Oren Nachman

LLC LVIV IT!

Wizdave\David

TrueCrypt Foundation

Emby LLC

* Note, the details and description above are based on the code signing digital signature issued to E GONCALVES DE SOUSA - ME by GlobalSign nv-sa on November 20, 2015 with the serial number '11211020abcd69cc5e8760adff9dc0716adc'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.