GreyGray

Publisher Information

GreyGray is a brand of the Sambreel/Yontoo group, a web advertising company located in Carlsbad, CA. The company is a primary distributor of unwanted software. It is part of the Yontoo/Sambreel group and distributes web browser add-ons, typically potentially unwanted and adware in nature, that are designed to modify a user's typical search beahvior as well as display context and popup advertising.
Authority:
VeriSign, Inc.

Valid from:
9/19/2013 7:00:00 AM

Valid to:
9/20/2015 6:59:59 AM

Subject:
CN=GreyGray, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=GreyGray, L=San Diego, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
23ff62a16c638b371a4ab98a8f876e8b

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Yontoo (M), Adware.Yontoo (M)
100.00%

1 / 68      (Adware)
maintainer.bak  (bf16c8b912301ba7135cc1a7725c174e)

1 / 68      (Adware)
{b97ce8fa-0be1-4b73-8ac6-5353529f8179}w64.sys (StdLib)  (8884de71a0f92a8656be0ee7d8102484)

1 / 68      (Adware)
maintainer.bak  (bcc953dd09b5b841b9bbb40b9bb166ed)

1 / 68      (Adware)
{f551efce-3692-4ed5-8201-c1c7dbef1744}w64.sys (StdLib)  (1b6f2bab1ecc91820af1341e41e0ab78)

1 / 68      (Adware)
GreyGray2015070319.exe  (35babfe692058f74ba64a580d249fb8c)

1 / 68      (Adware)
greygray.purbrowse64.exe.pendingoverwrite  (eb894e7ab360b5b10a37770649d2cce9)

1 / 68      (Adware)
greygray.boasprt.exe.pendingoverwrite  (ec4c1e1f6045e1dc01465fd88042ccba)

1 / 68      (Adware)
GreyGray2015051203.exe  (2900b3df5b0a5c978887485a08ec6807)

1 / 68      (Adware)
greygray.expextdll.dll  (54eb132210efb635295e746a5b49f020)

1 / 68      (Adware)
{b97ce8fa-0be1-4b73-8ac6-5353529f8179}gw64.sys (StdLib)  (9b5447c1e251e2fb3f2f0c152a1d2ed9)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)
f551efce36924ed5820164.dll  (56deb45793995440cbe627fcd450b39d)

1 / 68      (Adware)
f551efce36924ed58201.dll  (33799fdbc0a5c7f1a4e1e9d736af3f78)

1 / 68      (Adware)
{b97ce8fa-0be1-4b73-8ac6-5353529f8179}w.sys (StdLib)  (f73d9df5c697c6e64a8539d1bb2c15e5)

1 / 68      (Adware)
GreyGray2014123109.exe  (a7b0d5937287b0dba2ea9856ba8a47cb)

1 / 68      (Adware)
{f551efce-3692-4ed5-8201-c1c7dbef1744}t.sys (StdLib)  (6fc69cfccb28c51c02195161aa019966)

1 / 68      (Adware)
f551efce36924ed58201.dll  (24062726fda888a465e3027b449c730b)

1 / 68      (Adware)
{f551efce-3692-4ed5-8201-c1c7dbef1744}w.sys (StdLib)  (3a72198b29c445dc3b7083fbc6047a1f)

1 / 68      (Adware)
maintainer.bak  (06823204ecc4ed00d24dd9e82d949cde)

1 / 68      (Adware)
{b97ce8fa-0be1-4b73-8ac6-5353529f8179}w.sys (StdLib)  (8fd32631042aeacfa2934b8302339f47)

1 / 68      (Adware)
{f551efce-3692-4ed5-8201-c1c7dbef1744}gw64.sys (StdLib)  (16c1e6c27903f51c591d751a4fb064c6)

1 / 68      (Adware)
GreyGray.Repmon.dll  (6abd4be36c0af3333dceb5bfe5d39551)

1 / 68      (Adware)
GreyGray.PurBrowse.dll  (517c9b3a5a526c04a037a3d8f94029f0)

1 / 68      (Adware)
GreyGray.OfSvc.dll  (5ad312f34ec12c8c5d37c18fd978fe44)

1 / 68      (Adware)
GreyGray.IEUpdate.dll  (51e18cbd51e60d1caf0c6376386a02f0)

1 / 68      (Adware)
GreyGray.GCUpdate.dll  (46ec52cb794d913856a189bca02fa777)

1 / 68      (Adware)
GreyGray.FFUpdate.dll  (115224ae2777c5148e6bbba857ea99ea)

1 / 68      (Adware)
GreyGray.CompatibilityChecker.dll  (bdda638fee25ca400310c9f246e2b626)

1 / 68      (Adware)
GreyGray.BRT.dll  (909f377db7221b5c33385b6d1bf3b93b)

 
Latest 30 of 6,040 files

The following publishers (by Authenticode signature organization name) are related.

30 of 145 publishers

* Note, the details and description above are based on the code signing digital signature issued to GreyGray by VeriSign, Inc. on September 19, 2013 with the serial number '23ff62a16c638b371a4ab98a8f876e8b'.