tanzuki

Publisher Information

tanzuki is a brand of the Sambreel/Yontoo group, a web advertising company located in Carlsbad, CA. The company is a primary distributor of unwanted software. It is part of the Yontoo/Sambreel group and distributes web browser add-ons, typically potentially unwanted and adware in nature, that are designed to modify a user's typical search beahvior as well as display context and popup advertising.
Authority:
VeriSign, Inc.

Valid from:
8/21/2013 2:00:00 AM

Valid to:
8/21/2015 1:59:59 AM

Subject:
CN=tanzuki, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=tanzuki, L=San Diego, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5094cecd4b5d21903c384e60ac45c6c4

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Yontoo (M), Adware.Yontoo (M)
100.00%

1 / 68      (Adware)
maintainer.bak  (fc17952f8d7ee4ba65c0b2ce968f87df)

1 / 68      (Adware)
{72471753-7505-48ca-bb3e-64bffebaa209}w.sys (StdLib)  (765e44f403140af743bdb74c51ee78a3)

1 / 68      (Adware)
{72471753-7505-48ca-bb3e-64bffebaa209}gw.sys (StdLib)  (0cf0dc1e8bebf8429c6fca96eedcdf3f)

1 / 68      (Adware)
maintainer.exe  (1c9caa21f5cc3cdfa24de4c03fef9424)

1 / 68      (Adware)
{72471753-7505-48ca-bb3e-64bffebaa209}t.sys (StdLib)  (e2a81697b5cc73be75689149a7b05fc1)

1 / 68      (Adware)
{4a1ea04b-0e0d-426d-8775-2d82a1b8bb52}t.sys (StdLib)  (6e2fee77236ef5f1055e73d9aed8df83)

1 / 68      (Adware)
maintainer.bak  (5a72d558f6a0830c2d4eebb691cdb8bb)

1 / 68      (Adware)
tanzuki.boasprt.exe.pendingoverwrite  (87359cc8ce5c621cf86091e423544b40)

1 / 68      (Adware)

1 / 68      (Adware)
72471753750548cabb3e64.dll  (73130a8cc6e7b69228b6e61887483e4e)

1 / 68      (Adware)
{f1f64b2b-90f5-45c3-8b0e-c9ffd30d8e18}gw.sys  (fe8f231e276cba8401f9b80951e45c74)

1 / 68      (Adware)
{72471753-7505-48ca-bb3e-64bffebaa209}gw.sys  (af98221b4fa863b31dd4c98f8646e73f)

1 / 68      (Adware)
{4a1ea04b-0e0d-426d-8775-2d82a1b8bb52}gw.sys  (fceb532e8e208449bc8c2267df9835c3)

1 / 68      (Adware)
{5a7ac0c3-34fc-47c5-82a9-64f732fc5aad}gw.sys  (290e5ac63c5880aea6a0bb68b3be6c33)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)
tanzuki.expextdll.dll  (a461229b4b3ea50e9e49aee8f4232650)

1 / 68      (Adware)
tanzuki.expext.exe  (a6e94a1f7b5574ace2d62cae74bc162e)

1 / 68      (Adware)
tanzuki.browseradapter64.exe  (06ba88a26ffd8838fd1e5bf97667d35b)

1 / 68      (Adware)
tanzuki.browseradapter.exe  (63270d1f494e11ab135bb82e4f37e111)

1 / 68      (Adware)
tanzuki.boashelper.exe  (0cb7dc1d59eb07b86086671c3b8c156b)

1 / 68      (Adware)
tanzuki.BOAS.exe  (f17543f088a98d1540958b45b35b8e4c)

1 / 68      (Adware)
72471753750548cabb3e64.dll  (32c247616596d35af662a4e4c7f3ff76)

1 / 68      (Adware)
72471753750548cabb3e.dll  (42fbcea59e1ec549725f4daa276c96a0)

1 / 68      (Adware)
tanzuki.BRT.Helper.exe  (92acfd00d960b18c61db3f21d19c399e)

1 / 68      (Adware)
{4a1ea04b-0e0d-426d-8775-2d82a1b8bb52}t.sys (StdLib)  (da5411cd99bbaa15adcf326cee9fefa2)

1 / 68      (Adware)
setup.exe  (5b11a8bf96b2a68e1a6c6444a41b5065)

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

 
Latest 30 of 252 files

The following publishers (by Authenticode signature organization name) are related.

30 of 62 publishers

* Note, the details and description above are based on the code signing digital signature issued to tanzuki by VeriSign, Inc. on August 21, 2013 with the serial number '5094cecd4b5d21903c384e60ac45c6c4'.