home

Guangxi Nanning Shengtaian E-commerce Development Co., Ltd.

Publisher Information

Guangxi Nanning Shengtaian E-commerce Development Co., Ltd. is a software developer located in Nanning, Guangxi in China*. Thre are 3 additional code signing certificates issued to this publisher.
Authority:
WoSign eCommerce Services Limited

Valid from:
7/17/2012 12:23:57 AM

Valid to:
7/19/2013 10:21:38 AM

Subject:
E=kefu@shengtaian.com, CN="Guangxi Nanning Shengtaian E-commerce Development Co., Ltd.", O="Guangxi Nanning Shengtaian E-commerce Development Co., Ltd.", L=Nanning, S=Guangxi, C=CN

Issuer:
CN=WoSign Class 3 Code Signing CA, O=WoSign eCommerce Services Limited, C=CN

Serial number:
1bb133dcefad95

Status:
Inconclusive detections from multiple engines

Scan engine
Details
Detections

Dr.Web
DLOADER.Trojan, probably DLOADER.Trojan
70.00%

IKARUS anti.virus
Trojan-Downloader.Agent, Trojan-GameThief.Win32.Lmir, Trojan.Win32.Genome
50.00%

Trend Micro House Call
TROJ_GEN.RCBH1B4, TROJ_GEN.F47V0802, PAK_Generic.001, HV_DOWNLOADER_CB2401C2.TOMC
40.00%

AhnLab V3 Security
Trojan/Win32.Genome, PUP/Win32.StartPage, ASD.Prevention, Win-Trojan/Malpacked5.Gen
40.00%

McAfee
Artemis!4472B74DB062, Artemis!28D498F83058, Artemis!6891912572EE
30.00%

Agnitum Outpost
Trojan.DL.Delf
20.00%

VIPRE Antivirus
Trojan.Win32.Generic
20.00%

ESET NOD32
Win32/TrojanDownloader.Delf.PSJ (variant)
20.00%

AVG
Downloader.Agent2
20.00%

Malwarebytes
Trojan.Qhost, Trojan.Downloader.Small
20.00%

0 / 68
wjnews.exe (by Sta)  (c6834f74a7e329b268920757c3599663)

0 / 68
setup_open_131.exe (by Sta)  (f4b7a32fd00374edc4641dfe78910529)

0 / 68
$rdosao1.exe  (5b8f60ff8dc695d2078c019b6e5c036e)

0 / 68
wujiplayer.exe (by Sta)  (1fcdc07eddaffb81a9f36276ec634cdf)

0 / 68
unins.exe  (7edfbd30b925b900bd5012cf032d841e)

0 / 68
playerupdate.exe  (15ba96b8d2059dd80dac306a9262a19e)

0 / 68
duilib.dll  (a8d7996a9627164dfc7d853518bd6e21)

0 / 68
wujiplayer.exe (by Sta)  (ed0425d59ebe68cd0589cc7cab656a89)

0 / 68
unins.exe  (77d9cd2b9d1d49b05c107ae7fcd1ba35)

0 / 68
playerupdate.exe  (3ea43f1445e2a6b3db51ca44fc27d395)

0 / 68
duilib.dll  (3f6a0d46d73b3916754328e7b2a2cb61)

2 / 68
wjnews.exe (by Sta)  (5c80f22154865bf033d24aae71bd41ee)

0 / 68
unins.exe  (2e3a398c9a2f6e519f1ca5101edfb0fa)

0 / 68
playerupdate.exe  (580214ef852f4206b674b0489eaead0d)

0 / 68
duilib.dll  (28a676f0a4b48ce1f6aaf9182f706746)

12 / 68    (Malware)
setup_open_56.exe (by Sta)  (6891912572eeb01cf6fd4b596740fa47)

1 / 68      (inconclusive)
wujiplayer.exe (by Sta)  (a3ecb08377bb87b7a3dc4f98a8ac7e6d)

1 / 68      (inconclusive)
setup_open_56.exe (by Sta)  (358708057b987b5406f494cf61cb27cf)

1 / 68      (inconclusive)
wujiplayer.exe (by Sta)  (c8be6833bcc207bdcec99d407064cff8)

3 / 68
setup_8.exe (by Ekan)  (8fed15767244b59bca0c026dc882889e)

0 / 68
unins.exe  (2ce92ddc164da47835c8da8ddca324e0)

0 / 68
playerupdate.exe  (ea3b8ef1d218e7285c29e20df26d42a6)

0 / 68
duilib.dll  (df3295f76694795af7ee2d28df71a24d)

0 / 68
setup_open_318.exe (by Sta)  (386689c2c0322dd4a7ec731ceed54410)

8 / 68      (PUP)
setup_855.exe  (28d498f83058ccaef1ede9480f3e9cf2)

0 / 68
wjnewsuninstall.exe  (51741bbae2155a63ea94b8292eaa206a)

0 / 68
unins.exe  (befd636d39e7a17816634a455dddee0e)

0 / 68
playerupdate.exe  (ca259e162d068b8746297399e3491987)

0 / 68
duilib.dll  (0cd5db47088cf1f1d5fa7411c0c05d83)

0 / 68
wujiplayer.exe (by Sta)  (33de64724cad55243c0cb558db3070fa)

 
Latest 30 of 190 files

Downloads URLs for files signed by Guangxi Nanning Shengtaian E-commerce Development Co., Ltd..

8 / 68      (PUP)
http://down.kan83.com/wuji/.../setup_855.exe  (28d498f83058ccaef1ede9480f3e9cf2)

2 / 68      (inconclusive)
http://down.souyaya.com/????????_34.exe  (85fd43105ffe2985908f62e1c9b15001)

The certificates below are also signed by Guangxi Nanning Shengtaian E-commerce Development Co., Ltd..

04071FA1A0BC9E  (Apr 09, 2013 to Apr 12, 2016)

1BE23EE2C85B88  (Jun 03, 2013 to Jul 06, 2014)

039E5E3EE7A9AB  (Jun 02, 2013 to Jul 06, 2014)

* Note, the details and description above are based on the code signing digital signature issued to Guangxi Nanning Shengtaian E-commerce Development Co., Ltd. by WoSign eCommerce Services Limited on July 17, 2012 with the serial number '1bb133dcefad95'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.