home

E GONCALVES DE SOUSA - ME

Publisher Information

E GONCALVES DE SOUSA - ME is a software developer located in Palmas, Tocantins in Brazil*. A majority of the programs developed by the company can be classified as adware or other potentially unwanted programs. Thre are 7 additional code signing certificates issued to this publisher.
Authority:
GlobalSign nv-sa

Valid from:
1/7/2016 12:52:20 PM

Valid to:
11/20/2016 3:28:15 PM

Subject:
CN=E GONCALVES DE SOUSA - ME, OU=Production, O=E GONCALVES DE SOUSA - ME, STREET="Q 605 Norte, Alameda 05, Qi 04 Lt 28 Plano Diretor Norte", L=Palmas, S=Tocantins, C=BR, OID.1.3.6.1.4.1.311.60.2.1.3=BR, SERIALNUMBER=15.487.837/0001-84, OID.2.5.4.15=Private Organization

Issuer:
CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112113e5f8563d4ad13bdcd57160339405e0

Scanner detections:
Detections  (93% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.EGONCALVESDESOUSAME.Installer (M), PUP.EGONCALVESDESOUSAME (M), PUP.EGONCALV (M), PUP.EGONCALV.Installer (M)
71.43%

Emsisoft Anti-Malware
Gen:Variant.Symmi.58103
28.57%

ESET NOD32
Win32/Spy.Banker.ACPJ trojan
28.57%

Norman
Gen:Variant.Symmi.58103
28.57%

F-Secure
Gen:Variant.Symmi.58103
21.43%

Lavasoft Ad-Aware
Gen:Variant.Symmi.58103
21.43%

Avira AntiVirus
TR/Crypt.XPACK.Gen2, W32/Sality.AT
14.29%

VIPRE Antivirus
Threat.5063361
7.14%

1 / 68      (PUP)
led2.exe  (032b2ee94e7d8b1ffac0a9ea6171c03c)

1 / 68      (PUP)
java_install.exe (Java 8.66 by Oracle)  (974766a289943ab37b766d6511f36c7f)

1 / 68      (PUP)
shed.exe  (93fd269680d154a078d1a2f675f92a2d)

1 / 68      (PUP)
led1.exe  (c038e314585182764b3062b8f9d9e289)

5 / 68
rohs.dll (Bluetooth Software)  (7645f57fc643dc3bd1514809fcb4f824)

4 / 68      (Malware)
rohs.dll (Bluetooth Software)  (710f5689a3b8c472b2534c09ee8a8a3d)

1 / 68      (PUP)
shed.exe  (c3e64fd8a7b4a145aa1197ef4b855156)

2 / 68      (PUP)
java_install.exe (Java 8.66 by Oracle)  (c4dd63a1f508f53ec30cb03824f9c3f5)

5 / 68      (Malware)
rohs.dll (Bluetooth Software)  (303fdb6a2fd934b1bf358c6fa5d46a8e)

6 / 68      (Malware)
rohs.dll (Bluetooth Software)  (f0e7edc233f7cc7788c3cc0bf833166d)

1 / 68      (PUP)
shed.exe  (b036f0c1cb2ee5c67cff70c816554b17)

1 / 68      (PUP)
java_install.exe (Java 8.66 by Oracle)  (c74945a824f201f8288e3f0642784303)

1 / 68      (PUP)
shed.exe  (3f7797f1c383b96fdb6e70aafd4c71fc)

1 / 68      (PUP)
java_installer.exe (Java 8.66 by Oracle)  (b0c80c10ae9370ea0bc1cb76738090b7)

Downloads URLs for files signed by E GONCALVES DE SOUSA - ME.

1 / 68      (PUP)
https://raw.githubusercontent.com/0E31F909-7B0A-42B0-9251-6EFF399AD5FD/D08AFA78-43AF340F17B0/.../Java_Install.exe  (974766a289943ab37b766d6511f36c7f)

1 / 68      (PUP)
http://java-installer-download.beepworld.de/.../download?f=java_install.exe  (c74945a824f201f8288e3f0642784303)

2 / 68      (PUP)
http://java-installer-download.beepworld.de/.../download?f=java_setup.exe  (c4dd63a1f508f53ec30cb03824f9c3f5)

1 / 68      (PUP)
http://java-installer-download.beepworld.de/.../download?f=java_installer.exe  (b0c80c10ae9370ea0bc1cb76738090b7)

2 / 68      (PUP)
https://raw.githubusercontent.com/0E31F909-7B0A-42B0-9251-6EFF399AD5FD/D08AFA78-43AF340F17B0/.../Java_Install.exe  (c4dd63a1f508f53ec30cb03824f9c3f5)

1 / 68      (PUP)
https://raw.githubusercontent.com/0E31F909-7B0A-42B0-9251-6EFF399AD5FD/BE85-CBF029D69DE0/.../Java_Install.exe  (c74945a824f201f8288e3f0642784303)

The following websites host and distribute files published by E GONCALVES DE SOUSA - ME.

java-installer-download.beepworld.de

raw.githubusercontent.com

The certificates below are also signed by E GONCALVES DE SOUSA - ME.

11210668E3B631FFEC095024DCDE98FD9D70  (Jan 23, 2016 to Nov 20, 2016)

11211020ABCD69CC5E8760ADFF9DC0716ADC  (Nov 20, 2015 to Nov 20, 2016)

11214070302054D0121AD1969994A5D56E32  (May 16, 2016 to Nov 20, 2016)

11215E0C6C5C7E6503A3A93530407E4ABEC2  (Jan 15, 2016 to Nov 20, 2016)

11217382E7FB28CC1D82E9B30A55E06C6A9E  (Apr 11, 2016 to Nov 20, 2016)

11219017731838557677944CA90799E3259C  (Jan 20, 2016 to Nov 20, 2016)

0DD635AFE67D5EAC4A35E931  (Aug 02, 2016 to Nov 20, 2016)

The following publishers (by Authenticode signature organization name) are related.

Vistumbler.net

Hostplanet Ltd

Brave New Software Project, Inc.

CONSTRUTORA NOVO PARQUE LTDA - ME

Brave New Software Project, Inc

Prolific Technology Inc.

Oren Nachman

LLC LVIV IT!

Wizdave\David

TrueCrypt Foundation

Emby LLC

* Note, the details and description above are based on the code signing digital signature issued to E GONCALVES DE SOUSA - ME by GlobalSign nv-sa on January 07, 2016 with the serial number '112113e5f8563d4ad13bdcd57160339405e0'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.