home

LLC

Publisher Information

LLC is a software publisher located in Kiev, Ukraine*. The company is a primary distributor of unwanted software. Thre are 210 additional code signing certificates issued to this publisher.
Authority:
COMODO CA Limited

Valid from:
5/7/2015 7:00:00 AM

Valid to:
5/7/2016 6:59:59 AM

Subject:
CN="LLC ""YOPTA SOFT""", O="LLC ""YOPTA SOFT""", STREET="str.Tsytadelna, 7", L=Kiev, S=Kiev, PostalCode=01015, C=UA

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
1cafdf1c4c426fc3dd811d48793d99c9

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Amonitize.OpenSource.Installer (M), PUP.Amonitize (M), PUP.Amonitize.OpenSource (M), PUP.Amonitize.OpenSour.Installer (M), Adware.Amonetize.Amonitize.Installer.Meta (M), Adware.Amonetize (M), PUP.Amonitize.Installer
100.00%

Dr.Web
Trojan.BtcMine.711
10.00%

Kaspersky
not-a-virus:RiskTool.Win32.BitCoinMiner, not-a-virus:HEUR:RiskTool.Win32.BitCoinMiner, Virus.Win32.Slugin
8.00%

Qihoo 360 Security
QVM42.0.Malware.Gen, HEUR/QVM42.0.Malware.Gen, HEUR/QVM11.1.Malware.Gen, QVM10.1.Malware.Gen
8.00%

VIPRE Antivirus
Trojan.Win32.Generic, RiskTool.Win32.BitCoinMiner (not malicious)
6.00%

ESET NOD32
Win64/BitCoinMiner.AP potentially unsafe, Win32/BitCoinMiner.BY potentially unsafe (variant)
6.00%

avast!
Multi:BitCoinMiner-B [PUP], Win32:Patched-JI
6.00%

IKARUS anti.virus
not-a-virus:RiskTool.BitCoinMiner, PUA.BitCoinMiner
6.00%

Clam AntiVirus
Win.Trojan.Agent-954461
4.00%

AhnLab V3 Security
Unwanted/Win32.BitCoinMiner
4.00%

1 / 68      (Adware)
nssfb80.tmp (Setup by Open Source)  (bbce73334bb9c3b8309273e94ff3f9df)

1 / 68      (Adware)
cdn.exe (Setup by Open Source)  (7b6a2e9d61c0f5bdb88400e7112b3f03)

1 / 68      (Adware)
cdn.exe (Setup by Open Source)  (53a838eae8d0bf75fe0b60482140758e)

1 / 68      (Adware)
clinfo.exe  (71d00e9c6793d86bad82d46cfa91bf47)

1 / 68      (Adware)
nsg9d0.tmp (Setup by Open Source)  (a4cbda1ae41cd49d95849db41e204685)

1 / 68      (Adware)
cdn.exe (Setup by Open Source)  (ff4616b5dac5bcf3b30b53895fac1698)

1 / 68      (Adware)
nsh2e65.tmp (Setup by Open Source)  (f6cf913ac4949548a6d6efcfd1467858)

1 / 68      (Adware)
nso95b6.tmp (Setup by Open Source)  (664c0026d1755cbeec0676da4bc18802)

1 / 68      (Adware)
nsxd7bc.tmp (Setup by Open Source)  (573b3924f6a850accd3adc8b8a2460eb)

1 / 68      (Adware)
gplyra.exe (- by Open Source)  (3cf717deb1dbaf46edc60711aa999dec)

1 / 68      (Adware)
nsmf1d5.tmp (Setup by Open Source)  (5c70114287511ccbbe716a308bb1cec4)

1 / 68      (Adware)
nspea4.tmp (Setup by Open Source)  (b6f0a1b670e356c0051eee94a2192961)

1 / 68      (Adware)
cdn.exe (Setup by Open Source)  (032af0162606bdd0e1134f27f3f33f69)

1 / 68      (Adware)
nseb24f.tmp (Setup by Open Source)  (9322074023a23ff237b53ad972c7fc6e)

1 / 68      (Adware)
nsm8364.tmp (Setup by Open Source)  (162362a43f8dc4d7cc9d21cb779cd302)

11 / 68    (Adware)
cdn.exe (Setup by Open Source)  (158f3550e42cb5a6aa582a2376b7ca70)

1 / 68      (Adware)
cpm.exe  (4e094e013e817033433cf2a082a4a98e)

1 / 68      (Adware)
nsga7ce.tmp (Setup by Open Source)  (41d63a37f52a729aa76c997a0634759b)

1 / 68      (Adware)
clinfo.exe  (195e67e5ba96d57c41e19738d7dec3b8)

1 / 68      (Adware)
cdn.exe (Setup by Open Source)  (73bfc29ec6bc25df4af371021a15091f)

1 / 68      (Adware)
nsoa6ea.tmp (Setup by Open Source)  (62f386c6ee20aa4d65939c1428770b91)

1 / 68      (Adware)
nsq4303.tmp (Setup by Open Source)  (0b237c1aa8356e3e8e276eeee7255afa)

1 / 68      (Adware)
nsj123d.tmp (Setup by Open Source)  (d2ac7fee9d75ddaf70ad5b5313a82dc7)

1 / 68      (Adware)
nsx48d7.tmp (Setup by Open Source)  (fd1dae9eef7317dbe437a4de16e074b5)

1 / 68      (Adware)
gplyra-setup.exe (GPLYRA - Setup by Open Source)  (2b617a72e91b29aa0d07217ca88fa352)

1 / 68      (Adware)
cpm.exe  (3ea216cd397c8cc65ac41f0e0e6e76a0)

1 / 68      (Adware)
gpuminer-setup.exe.mal (SGM - Setup by Open Source)  (ce27f2ea11ede0c57adfd1c194891d50)

1 / 68      (Adware)
cpm.exe  (d8b00f3d7166cfb92e0e16f3020cfdcf)

1 / 68      (Adware)
nse473f.tmp (Setup by Open Source)  (984e8f6a9267ca5dc49c620b2cf68695)

1 / 68      (Adware)
zone3.exe (GPLYRA - Setup by Open Source)  (dad88b05b78a9289558076a2e4fbed2c)

 
Latest 30 of 53 files

Downloads URLs for files signed by LLC .

7 / 68      (Adware)
http://113.171.224.210/.../Cdn.exe  (46451d03d06d51eea911921cf48f0a20)

1 / 68      (Adware)
http://cdn-14b7.kxcdn.com/Cdn.exe  (73bfc29ec6bc25df4af371021a15091f)

7 / 68      (Adware)
http://113.171.224.244/.../Cdn.exe  (46451d03d06d51eea911921cf48f0a20)

1 / 68      (Adware)
http://cdn-14b7.kxcdn.com/Cdn.exe  (0b237c1aa8356e3e8e276eeee7255afa)

1 / 68      (Adware)
http://113.171.224.244/.../Cdn.exe  (1ff1329b6ea0796a5b678f8ff50eaaba)

1 / 68      (Adware)
http://zone3-14b7.kxcdn.com/Zone3.exe  (dad88b05b78a9289558076a2e4fbed2c)

1 / 68      (Adware)
http://zone4-14b7.kxcdn.com/Zone4.exe  (dad88b05b78a9289558076a2e4fbed2c)

1 / 68      (Adware)
http://zone3-14b7.kxcdn.com/Zone3.exe  (e02de707108606b50045c50529b1e841)

1 / 68      (Adware)
http://zone3-14b7.kxcdn.com/Zone3.exe  (d5c47b8474dd299d0d75e36821d68d59)

15 / 68    (Adware)
http://113.171.224.210/.../Cdn.exe  (6e396788b5e9c0971ddb3bcdff494280)

1 / 68      (Adware)
http://113.171.224.169/.../Cdn.exe  (e02de707108606b50045c50529b1e841)

1 / 68      (Adware)
http://113.171.224.210/.../Cdn.exe  (1ff1329b6ea0796a5b678f8ff50eaaba)

1 / 68      (Adware)
http://zone3-14b7.kxcdn.com/Zone3.exe  (07e8ba941afeac9f7c0f7fa58beafcf5)

7 / 68      (Adware)
http://113.171.224.169/.../Cdn.exe  (46451d03d06d51eea911921cf48f0a20)

15 / 68    (Adware)
http://113.171.224.169/.../Cdn.exe  (6e396788b5e9c0971ddb3bcdff494280)

7 / 68      (Adware)
http://cdn-14b7.kxcdn.com/Cdn.exe  (46451d03d06d51eea911921cf48f0a20)

1 / 68      (Adware)
http://113.171.224.210/.../Cdn.exe  (48be6bf921200c02862f78c33b7d5f0b)

1 / 68      (Adware)
http://113.171.224.210/.../Cdn.exe  (e02de707108606b50045c50529b1e841)

1 / 68      (Adware)
http://cdn-14b7.kxcdn.com/Cdn.exe  (e02de707108606b50045c50529b1e841)

15 / 68    (Adware)
http://cdn-14b7.kxcdn.com/Cdn.exe  (6e396788b5e9c0971ddb3bcdff494280)

1 / 68      (Adware)
http://cdn-14b7.kxcdn.com/Cdn.exe  (48be6bf921200c02862f78c33b7d5f0b)

1 / 68      (Adware)
http://cdn-14b7.kxcdn.com/Cdn.exe  (1ff1329b6ea0796a5b678f8ff50eaaba)

The following websites host and distribute files published by LLC .

zone4-14b7.kxcdn.com

zone3-14b7.kxcdn.com

cdn-14b7.kxcdn.com

The certificates below are also signed by LLC .

00FE7B351079FD02F4C109D42C37F5C27A  (Jun 29, 2015 to Jun 29, 2018)

2A7DD7BCCEB648F185DD5A9432FE186D  (Oct 20, 2016 to Sep 04, 2017)

00F5EC479E1B7B3F9CEC13CFC8EDCC113C  (Sep 08, 2016 to Sep 03, 2017)

1A810FEC80052E26B932F3A315075709  (Aug 29, 2016 to Aug 30, 2017)

00F7244EEE637B20E588B65F59A244BFE1  (Aug 22, 2014 to Aug 22, 2017)

0CD9A2B4BA92EEB65DD3227ED6D3AF1E  (Jul 19, 2016 to Aug 22, 2017)

5A0289F4CB40DCA36F3E58617454A7C8  (Aug 01, 2016 to Aug 02, 2017)

20D09F2559BFDF0848AD8BC883379F18  (Oct 26, 2016 to Jul 23, 2017)

00CB1CD5925F9E2F5B0B456369E2C54C8B  (Jul 08, 2016 to Jul 09, 2017)

27DBE55E53BFEEB479C49E640598529F  (Aug 17, 2016 to Jul 09, 2017)

10 of 210 code signing certificates issued

The following publishers (by Authenticode signature organization name) are related.

LLC BK UKRBUDMONTAZH

TOV Osya-Trans

BERSHNET LLC

Smart PC Solutions, Inc.

* Note, the details and description above are based on the code signing digital signature issued to LLC by COMODO CA Limited on May 07, 2015 with the serial number '1cafdf1c4c426fc3dd811d48793d99c9'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.