» WebAttack, Inc.
Digital Signature
Analysis
Files (35)
Downloads (9)
Distribution (4)
Related (32)

WebAttack, Inc.

Publisher Information

WebAttack, Inc. is a software developer located in Lake Mary, Florida in the United States*. A majority of the programs developed by the company can be classified as adware or other potentially unwanted programs.

Authority:

COMODO CA Limited

Valid from:

7/23/2014 2:00:00 AM

Valid to:

7/24/2015 1:59:59 AM

Subject:

CN="WebAttack, Inc.", O="WebAttack, Inc.", STREET="4044 W. Lake Mary Blvd., Unit# 104-350", L=Lake Mary, S=Florida, PostalCode=32746, C=US

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

3523d0b421916b3196e7d04c1183676d

Scanner detections:

Detections (97% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.Bundler.InstallCore, PUP.WebAttack.Installer (M), PUP.InstallCore.Bundler (M), PUP.WebAttack.Bundler (M), PUP.installCore.WebAttack.Installer (M), PUP.installCore.WebAttac.Installer (M), PUP.installCore (M)

68.57%

AVG

Generic

57.14%

ESET NOD32

Win32/InstallCore.PZ (variant), Win32/InstallCore.YK potentially unwanted (variant)

45.71%

Baidu Antivirus

Adware.Win32.InstallCore

42.86%

VIPRE Antivirus

Trojan.Win32.Generic

40.00%

Vba32 AntiVirus

Malware-Cryptor.InstallCore.gen

34.29%

Bkav FE

W32.HfsAdware

31.43%

NANO AntiVirus

Riskware.Win32.InstallCore.dfgmiy

28.57%

Avira AntiVirus

ADWARE/InstallCore.Gen9, PUA/InstallCore.A.2387, PUA/InstallCore.Gen

28.57%

Trend Micro House Call

Suspicious_GEN.F47V1126, Suspicious_GEN.F47V1111, Suspicious_GEN.F47V0317, Suspicious_GEN.F47V0403, Suspicious_GEN.F47V0425

25.71%

1 / 68 (PUP)

icreinstall_spelloe_setup.exe (My Program) (26c6ced48b32b275dd3a0c87999a8edc)

1 / 68 (PUP)

pci_us_smartrecovery.exe (My Program) (a48ebc046efcc42f496eef388b8f9c9c)

1 / 68 (PUP)

winsockxpfix.exe (My Program) (6e394c01aebad10fe8d01aa7eea9d7e3)

1 / 68 (PUP)

icreinstall_installer_restoration.exe (Internet Generic by Generic Installer) (de43d544d4286d8c57a61a12d0076d18)

1 / 68 (PUP)

icreinstall_installer_pci_filerecovery.exe (Internet Generic by Generic Installer) (12e4d2618f31f1cb7065ab944f5b5b40)

1 / 68 (PUP)

rest2514.exe (My Program) (4c29647ca6ca52fc9c9b24d261c3608a)

1 / 68 (PUP)

pandorarecovery.exe (My Program) (476ccdda18ddba076a26af48a2a3b228)

1 / 68 (PUP)

installer_pci_filerecovery.exe (Internet Generic by Generic Installer) (24c87c2a5754a8e77fd67f0cd8033635)

1 / 68 (PUP)

icreinstall_installer_restoration.exe (Installer Soft by Internet) (d11c9f2daa1e83f299bf5fdae80d83e7)

1 / 68 (PUP)

installer_spelloe_setup.exe (Internet Generic by Generic Installer) (7a32aa599c7f0fb01b1fa8fa858c82f9)

1 / 68 (PUP)

installer_pci_filerecovery.exe (Internet Generic by Generic Installer) (ca78e610276a52ef3bf36d60c35c7da2)

1 / 68 (PUP)

snapfiles.com_downloader_v1.0.5.a0.1_37783_435_stub.exe (Internet Generic by Generic Installer) (91bff6d065fd72ba96c302f4089183e6)

1 / 68 (PUP)

yrsetup.exe (My Program) (55195d13411d644a3569af0d9bf01395)

11 / 68 (PUP)

installer_restoration.exe (Internet Generic by Generic Installer) (94fed54a3b95fc2d326d04ddfccea162)

8 / 68 (PUP)

installer_restoration.exe (Internet Generic by Generic Installer) (ec495404529eb52b6de87480827c7e67)

7 / 68 (PUP)

2b45.tmp (Internet Generic by Generic Installer) (d21f109faa2ffd8fba8e47291a537c14)

10 / 68 (PUP)

icreinstall_installer_winsockxpfix.exe (Internet Generic by Generic Installer) (95e3fa33447f46d0147556d8af973aa1)

1 / 68 (PUP)

133e.tmp (Internet Generic by Generic Installer) (f0aa6658df0e32d3ce5facd516502248)

10 / 68 (PUP)

installer_winsockxpfix.exe (Internet Generic by Generic Installer) (7bfae4a55bb6374d754102c0bf24fd6d)

9 / 68 (PUP)

installer_restoration.exe (Internet Generic by Generic Installer) (160f26abc4eb132d95647cda8ca5724d)

8 / 68 (PUP)

icreinstall_installer_winsockxpfix.exe (Internet Generic by Generic Installer) (617c9d51daa4bbb447f34c43b9f2d721)

9 / 68 (PUP)

installer_restoration.exe (Internet Generic by Generic Installer) (b43eea8fa6255ea53a8cb0552eafa0eb)

1 / 68 (PUP)

installer_pci_filerecovery.exe (Internet Generic by Generic Installer) (4706bddb9dd0e657b026d87481522a99)

8 / 68 (PUP)

winsockxpfix.exe (My Program) (515b006342a5f9b683d02d9a56c0ac74)

11 / 68 (PUP)

rest2514.exe (My Program) (bcffea379e9dabd11032e8a917de4da7)

14 / 68 (PUP)

srip32.exe (My Program) (84d267229ac1e295cb0963106c855651)

5 / 68 (PUP)

installer_restoration.exe (Internet Generic by Generic Installer) (d4d9a6abc40d4620304b9f2e0c9f56ae)

5 / 68 (PUP)

installer_restoration.exe (Installer Soft by Internet) (fc9c173abd4b5140b5f6665e7e5194dc)

12 / 68 (PUP)

mwsnap300.exe (My Program) (2c03d47e47187a360a79c41a34f035db)

10 / 68 (PUP)

rest2514.exe (My Program) (4a20179c31fc604a8d7a6b884c2fc541)

Latest 30 of 35 files

Downloads URLs for files signed by WebAttack, Inc..

9 / 68 (PUP)

http://cdn.snapfilescontentdownload.com/c?x=otBbDtBH8aW42QI7IRiqm1j9yg8i3EkhGtmOxl24/v8=&c=34/OGLsFe/nC e7D97pankWruW6GArTeYxq0jSOKvbUeYpt4/bbVyG52NBiBuH434MkKNCNMUAr/knwmYNbkJA==&downloadAs=Installer_Restoration.exe&fallback_url=http://files.snapfiles.com/.../REST2514.exe (b43eea8fa6255ea53a8cb0552eafa0eb)

5 / 68 (PUP)

http://www.bundlefileschuckle.com/c?x=iZa3HeNDT0UWyJS0/Os4lwVIh94Twv49nDi71kND6a0=&c=Y/TqeU MW8bzcMMfO8DAIL4ORNlriZctPiRH9DdFIKVugyTtakNrf2f0bt3IhhK9zKNGcr5fhkaiOd2U cR9qjWXzj9XxP1bxY7WvODhSH7fTJjT1/ESkMEgvDmzi5N3 IGrWAemvV1CynYynX/R3g==&downloadAs=Installer_Restoration.exe&fallback_url=http://files.snapfiles.com/.../REST2514.exe (d4d9a6abc40d4620304b9f2e0c9f56ae)

5 / 68 (PUP)

http://www.bundlefileschuckle.com/c?x=gk8hgr7Gi30XTr/Ve/2KPSz93JwPBO/j4fDjwmvMrEw=&c=SB0Tol6pqdeIDLAhrjZKodj7EUkswBPU/wMVzkU2KmF0YpRsZEjk IZlUgXunmtWwGpxYtQkpsy5gD5gbkA1ttS2LEsYt JYu8v0p x2Yn1KYMRNBVwy MR0lJpB6mWXe gGtobxOED7uRhDwFmCfw==&downloadAs=Installer_Restoration.exe&fallback_url=http://files.snapfiles.com/.../REST2514.exe (d4d9a6abc40d4620304b9f2e0c9f56ae)

10 / 68 (PUP)

http://cdn.snapfilescontentdownload.com/c?x=rKvkRL wmSu41xb7d6UX5UnKOzlTwJI71wBebrxvgdE=&c=zzAQ8waR mdqtxXtBpTSoZ7 dSSBpmKb6JHtN0EAxfa3SaxcAIF JouQP 1aIzmCI59h9n1aJQEq088BdYHdOR2EHmxgIENR0veOfx/f9rc=&downloadAs=Installer_WinsockXPFix.exe&fallback_url=http://files.snapfiles.com/.../WinsockxpFix.zip (7bfae4a55bb6374d754102c0bf24fd6d)

11 / 68 (PUP)

http://www.snapfiles.com/localdl/.../dlrestoration.php (rest2514.exe)

5 / 68 (PUP)

http://www.snapfiles.com/localdl/.../dldeskpins.php (icreinstall_deskpins130.exe)

4 / 68 (inconclusive)

http://files.snapfiles.com/localdl/.../dlrobosizer.php (robosizersetup.exe)

5 / 68 (PUP)

http://www.snapfiles.com/localdl/.../dlpcinspector.php (pci_filerecovery.exe)

5 / 68 (PUP)

http://www.snapfiles.com/localdl/.../dlrestoration.php (icreinstall_rest2514.exe)

Distribution

The following websites host and distribute files published by WebAttack, Inc..

www.bundlefileschuckle.com

cdn.snapfilescontentdownload.com

www.snapfiles.com

files.snapfiles.com

The following publishers (by Authenticode signature organization name) are related.

IObit Information Technology

MiniTool Solution Ltd

MailStore Software GmbH

Pandora Corp

Emsi Software GmbH

Ivaylo Beltchev

Tesline-Service s.r.l.

Joel Low - Open Source Developer

Chengdu Everimaging Science and Technology Co., Ltd

Artem Izmaylov

SOKNO S.R.L.

SOFTPERFECT PTY. LTD.

TCB Networks

Mediawave Corporation

30 of 32 publishers

* Note, the details and description above are based on the code signing digital signature issued to WebAttack, Inc. by COMODO CA Limited on July 23, 2014 with the serial number '3523d0b421916b3196e7d04c1183676d'.

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.