home

Tianjing Cheng

Publisher Information

Tianjing Cheng is a software publisher located in Beijing, China*. Thre are 23 additional code signing certificates issued to this publisher.
Authority:
thawte, Inc.

Valid from:
1/6/2017 7:00:00 AM

Valid to:
7/13/2017 6:59:59 AM

Subject:
CN=Tianjing Cheng, OU=Individual Developer, O=No Organization Affiliation, L=Beijing, S=Beijing, C=CN

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
64a695b22972812012bd8ec6f124b15e

Scanner detections:
Malware distribution  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
Threat.Win.Reputation (M)
100.00%

1 / 68      (Malware)
ic-0.c28647666cbbb.exe  (1cc95e8ab346fa6dca7481289b2cca55)

1 / 68      (Malware)
setup.exe  (2ea614b28f3c5b6299456eaeb3fe942f)

1 / 68      (Malware)
setup.exe  (7ba66a3ac4eb797a93dae11113a5a135)

1 / 68      (Malware)
3gs_lj.exe  (a5cb286d48b2ff9563e6385d9b126476)

1 / 68      (Malware)
trotux.exe  (78c560dfcd9bf4ee46e597bb1ad79bae)

1 / 68      (Malware)
lyi_my.exe  (67511ebfef002666584e002cdecefc74)

1 / 68      (Malware)
dam_ay.exe  (cc3bae0badc924995dde4c93e998f4fc)

1 / 68      (Malware)
setup.exe  (17f5178ea0f9be0af937f3797f173151)

1 / 68      (Malware)
10yluxc09.exe  (14bf692b9018a44f0adbecd254891b6e)

1 / 68      (Malware)
qca_zt.exe  (d088ad051f7247933b5a4b625f825a08)

1 / 68      (Malware)
adv_288.exe  (5ef66c1985f332ae41ad990552ce5baf)

1 / 68      (Malware)
3gs_lj.exe  (27eeca191605393a495c6385e693b148)

1 / 68      (Malware)
lyi_my.exe  (09292f593ae400f898cfd892dcd12fe6)

1 / 68      (Malware)
1538.tmp  (6a503717c62efecd98b9442dd02e12d5)

1 / 68      (Malware)
14fd.tmp  (40f8cd38ff17414fd77c4189a846aebf)

1 / 68      (Malware)
3gs_lj.exe  (8336d798eadfcd0195e430db16f23fd7)

1 / 68      (Malware)
ic-0.93c8dfde54a128.exe  (fad637c14afc98ee1192185af374632d)

1 / 68      (Malware)
ek41cknn4.exe  (ad96b68e1fa0de3d5ff1085f7a94cec8)

1 / 68      (Malware)
trotux.exe  (6e32388923c34378550c03be2b37e26a)

1 / 68      (Malware)
5ulw4gxgt.exe  (23e5747fe478262a85ff450c68f39bf2)

1 / 68      (Malware)
kbmp9lnsh.exe  (65c4f1dac2478c125b70c03da7c92714)

1 / 68      (Malware)
trotux.exe  (0af18f832d974406459b3123e0340086)

1 / 68      (Malware)
a792.tmp  (e981f537e0b45457f055f157f2e88dd0)

1 / 68      (Malware)
lyi_my.exe  (3fbb7be8ca2db6f60bee0d9ca09fc571)

1 / 68      (Malware)
trmz.exe  (85399035661c77a175dd5d7d4d98ec4d)

1 / 68      (Malware)
trotux.exe  (151d1d036d94518a44993391a52d18b4)

1 / 68      (Malware)
dam_ay.exe  (d29383f6054822c4a8b3a1b7e62e84cb)

1 / 68      (Malware)
dam_ay.exe  (f5c22774c30f77be435b4ca4fc1237f7)

1 / 68      (Malware)
ic-0.a03082aa5321c.exe  (dc310fba7879a576d19130c800a85e3b)

1 / 68      (Malware)
3aa4.tmp  (36df6a841e49eb4f8dcf35ec81082b5c)

 
Latest 30 of 35 files

Downloads URLs for files signed by Tianjing Cheng.

1 / 68      (Malware)
http://d3g1g0k0wwnjag.cloudfront.net/.../dam_ay.exe  (cc3bae0badc924995dde4c93e998f4fc)

1 / 68      (Malware)
http://d3g1g0k0wwnjag.cloudfront.net/.../dam_ay.exe  (d29383f6054822c4a8b3a1b7e62e84cb)

The certificates below are also signed by Tianjing Cheng.

39EF032ECA9B0B73B637925D9418E0AF  (Aug 18, 2016 to Jul 13, 2017)

2B43B6884EB23BB7EFAC242C10CF356A  (Jan 05, 2017 to Jul 13, 2017)

616D02305A2AB5D5F4E142DAF5EB5D79  (Jan 18, 2017 to Jul 13, 2017)

02DFCF801A1597D8B8E3D4A88D17AC93  (Aug 16, 2016 to Jul 13, 2017)

09C58BB4FC1CC0CD780B35C3492181C6  (Jan 29, 2017 to Jul 13, 2017)

503A301A89468A06C614708E91B0942E  (Aug 23, 2016 to Jul 13, 2017)

2D9B7F221B6B58DF52AEF99AE9AA0FE9  (Jan 21, 2017 to Jul 13, 2017)

6A613CE6DAE33EE23E3053055DFF85DD  (Jan 22, 2017 to Jul 13, 2017)

3D90571A733BFC9781EFE8C48DDC2F3D  (Jan 10, 2017 to Jul 13, 2017)

4A78EC99EEEDE2829DF9F90F42E043DE  (Aug 11, 2016 to Jul 13, 2017)

10 of 23 code signing certificates issued

* Note, the details and description above are based on the code signing digital signature issued to Tianjing Cheng by thawte, Inc. on January 06, 2017 with the serial number '64a695b22972812012bd8ec6f124b15e'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.