home

Li Xin

Publisher Information

Li Xin is a software publisher located in Yingshan, Sichuan in China*. A majority of the programs developed by the company can be classified as adware or other potentially unwanted programs.
Authority:
WoSign CA Limited

Valid from:
3/13/2015 9:55:41 AM

Valid to:
3/13/2016 10:55:41 AM

Subject:
CN=Li Xin, L=Yingshan, S=Sichuan, C=CN

Issuer:
CN=WoSign Class 2 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:
4ec8808f9295e7018ce5a64639e18b6b

Scanner detections:
Detections  (83% detected)

Scan engine
Details
Detections

Dr.Web
Trojan.Winlock.11807, Trojan.Siggen6.36073
90.00%

McAfee
Artemis!415CC5E1106D, Artemis!02C200D26930, Artemis!B1F16D82B007, Artemis!560139322AA0, Artemis!1FB83BA00E67, Artemis!CD20E9CBB74A, Artemis!A849A0B2A638
90.00%

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h, AdWare.Agent
90.00%

AVG
Downloader, Generic
90.00%

Fortinet FortiGate
Riskware/Generic.AC.2003, W32/Generic.AC.2003, W32/Generic.AC.7D3!tr
85.00%

Panda Antivirus
Trj/Genetic.gen
85.00%

Clam AntiVirus
Win.Trojan.Generickd-1403, Win.Trojan.Generickd-1361
75.00%

K7 AntiVirus
Riskware , Unwanted-Program
70.00%

VIPRE Antivirus
Trojan.Win32.Generic, Adware.NSIS.Agent
70.00%

AhnLab V3 Security
PUP/Win32.Helper, PUP/Win32.Helper.R163657
70.00%

0 / 68
aicdrfhpsdpdfep@59_77557.exe (Downloader)  (11294eebf0ecbb41da55d1b574e841d8)

30 / 68    (PUP)
p2psearcher@59_49820_exe (Downloader)  (579589000ea841183be06c8e8f1e35bb)

32 / 68    (PUP)
好压@59_34820.exe (Downloader)  (20634e434ef257a2c476f30352e1bd3c)

22 / 68    (PUP)
hp3050打印机驱动xp@30_20395.exe (Downloader)  (5731c4db01b09611447a819da9a56f51)

0 / 68
tf卡修复工具v1.0 官方版[完美修复手机储存卡软件].exe (Downloader)  (dac7d9e129bd9cdee9a3255bd5d4dc26)

28 / 68    (PUP)
未确认 219155.crdownload (Downloader)  (dbfc8746e52c3525a023f08d83c76f53)

25 / 68    (PUP)
ïé½£ææïà´«4óïòô°æ¸¨öú¹¤¾ß@60_70795.exe (Downloader)  (da9b64dc0520fd3e003fb7df7dc705a0)

4 / 68      (inconclusive)
CabDLL.dll (CabDLL)  (816cec24548f0e8a185cdf6e8cb80b6a)

0 / 68
rmth.exe (rmth32)  (a47c0868e88174e3f94d3255aff523ff)

18 / 68    (PUP)
minidwep@57_64759.exe (Downloader)  (0a9e7e5bc35fa10ace323411f601ccba)

29 / 68    (PUP)
Setup.exe (Downloader)  (c1aea4818d3ef8213ce6c45a2cd7af0c)

17 / 68    (PUP)
苹果手机助手@60_114978.exe (Downloader)  (a29b27c3b74294eaf9ebcfc73f32be5c)

19 / 68    (Malware)
精诚仓库管理软件ver13.0518破解版@26_844952.exe  (f5f6b25450fcaffcdd6676a4e8ff78bd)

17 / 68    (PUP)
hwp2007@59_42525.exe (Downloader)  (220cc4f0f4561c217dc8c7312c19b8ee)

18 / 68    (PUP)
vagaanq╗nnnnnnv2.6.7.6nnnnn²n@37_10197.exe.malware (Downloader)  (f776759ffd57756b49527bc19253ebcf)

3 / 68      (PUP)
rmth.exe (rmth32)  (fcae4c2ec0d775d22510621c1ff7b1f6)

17 / 68    (PUP)
超级文件解锁粉碎器(强力删除顽固文件木马病毒)@41_16425.exe (Downloader)  (a849a0b2a6380c9114a9a7697beb0fc9)

17 / 68    (PUP)
oem8xiaomaxpgod@36_13073.exe (Downloader)  (cd20e9cbb74a094158b2b256189a6068)

27 / 68    (PUP)
尚未確認的 139683.crdownload (Downloader)  (1fb83ba00e674ba8bc929b921d472683)

15 / 68    (PUP)
antiarpv6.0232خ»أâ·رµ¥»ْ°و@30_19165.exe (Downloader)  (560139322aa017e4e7436ea53c8dc549)

8 / 68      (PUP)
谷歌纸盒cardboardv1.3.1安卓版@26_1775655.exe (Downloader)  (b1f16d82b00773e259eeb84a9873427e)

11 / 68    (Malware)
《前线任务进化修改器》8项修改v1.0@20_136181.exe  (02c200d26930c6b77aa870a305bc1737)

7 / 68      (PUP)
ccc������������v1.5.14.4绿������������������������������软件@16_121068.ex  (415cc5e1106db1bcfc9aa899d3e77439)

Downloads URLs for files signed by Li Xin.

17 / 68    (PUP)
http://gaoxin.021id.net/?/66614/.../?????????.exe  (220cc4f0f4561c217dc8c7312c19b8ee)

17 / 68    (PUP)
http://gaoxin.021id.net/?/103755/.../msvcp110.dll.exe  (220cc4f0f4561c217dc8c7312c19b8ee)

18 / 68    (PUP)
http://down.xiazai2.net/?/13988/.../????????3????????????????I? ????.exe  (f776759ffd57756b49527bc19253ebcf)

17 / 68    (PUP)
http://down.xiazai2.net/?/17836/.../foxy????.exe  (220cc4f0f4561c217dc8c7312c19b8ee)

18 / 68    (PUP)
http://down.xiazai2.net/?/61730/.../Microsoft Office2003 ??ü?????????.exe  (f776759ffd57756b49527bc19253ebcf)

18 / 68    (PUP)
http://down.xiazai2.net/cx/.../realcodec2.0()@28_88129.exe  (f776759ffd57756b49527bc19253ebcf)

18 / 68    (PUP)
http://down.xiazai2.net/?/28715/.../easyrecovery.exe  (0a9e7e5bc35fa10ace323411f601ccba)

18 / 68    (PUP)
http://down.xiazai2.net/?/13715/.../EasyRecovery6.22????.exe  (f776759ffd57756b49527bc19253ebcf)

18 / 68    (PUP)
http://www.7edown.com/download.asp?id=26838&dp=1&fid=34  (vagaanq╗nnnnnnv2.6.7.6nnnnn²n@37_10197.exe.malware)

17 / 68    (PUP)
http://down.xiazai2.net/?/43113/.../????????????.exe  (a29b27c3b74294eaf9ebcfc73f32be5c)

The following websites host and distribute files published by Li Xin.

down.xiazai2.net

www.7edown.com

The following publishers (by Authenticode signature organization name) are related.

Shanghai Yishen Network Technology Co., Ltd.

水石信息科技(上海)有限公司

Ruifeng Network Technology Co., Ltd.

Zhuhai Kingsoft Office Software Co.,Ltd

* Note, the details and description above are based on the code signing digital signature issued to Li Xin by WoSign CA Limited on March 13, 2015 with the serial number '4ec8808f9295e7018ce5a64639e18b6b'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.