home

Yan Jiang

Publisher Information

Yan Jiang is a software developer located in Beijing, China*. A majority of the programs developed by the company can be classified as adware or other potentially unwanted programs. Thre are 2 additional code signing certificates issued to this publisher.
Authority:
thawte, Inc.

Valid from:
11/26/2015 12:00:00 AM

Valid to:
11/25/2016 11:59:59 PM

Subject:
CN=Yan Jiang, OU=Individual Developer, O=No Organization Affiliation, L=Beijing, S=Beijing, C=CN

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
5da147cd5813dfb43c70c7fd0a1b8461

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.ELEX.YanJiang (M), PUP.ELEX (M)
84.00%

Dr.Web
Adware.Mutabaha.1057, Win32.Parite.2, Adware.Mutabaha.1057, Win32.FloodFix.7, Adware.Mutabaha.1065, Adware.Mutabaha.1065, Win32.Parite.2, Adware.Mutabaha.1065, Win32.FloodFix.7
48.00%

Microsoft Security Essentials
Threat.Undefined
38.00%

ESET NOD32
Win32/Parite.B virus, Win32/Floxif.H virus, Win32/ELEX.HH potentially unwanted application
38.00%

avast!
Win32:Parite, Win32:Pioneer-C, Win32:GenMalicious-BFP [Trj], Win32:Dropper-gen [Drp]
26.00%

AVG
Win32/Parite, Win32/Floxif.A
22.00%

F-Prot
W32/Parite.B, W32/Floxif.B
20.00%

Kaspersky
Virus.Win32.Parite, Virus.Win32.Pioneer
20.00%

F-Secure
Win32.Parite.B, Win32.Floxif.A
18.00%

Norman
Win32.Parite.B, Win32.Floxif.A
18.00%

1 / 68      (PUP)
wintaske.exe  (1c5167ac4f24a799ad8f4d6f197cf195)

1 / 68      (PUP)
tmp0000000188ecab48f2a0ec72  (93680849ac85d61f3509fec58370b2ea)

1 / 68      (PUP)
winsere.exe  (f2856e8d2af40bbb8c401fffc8913672)

1 / 68      (PUP)
wintaske.exe  (f3d303430d9dc6169536439cbdb2b3cd)

1 / 68      (PUP)
wintaske.exe  (52dabafbe381fe68f7073099c3ac4c3d)

1 / 68      (PUP)
winsere.exe  (ac321f5e29f874594bd65eb281055a48)

1 / 68      (PUP)
winsere.exe  (2ece1608424ab92be35b1caec58917bb)

1 / 68      (PUP)
tmp0000001ac93ec6408ef70c7c  (0b05160a9be68c3f0da8f74f302c7627)

1 / 68      (PUP)
wintaske.exe  (c1de0c45192b94e06421158f31308717)

1 / 68      (PUP)
winsere.exe  (b2ebe23f1f226e247e22151a3fac5b2f)

4 / 68      (PUP)
tmp00000001415d5d6ead957377  (3e3e62d67a8ef55f49931cfd7de1564c)

4 / 68      (PUP)
tmp00000001b1caa10757c94808  (35905bad43d18c833a05daadf5432520)

1 / 68      (PUP)
wintaske.exe  (1c5167ac4f24a799ad8f4d6f197cf195)

4 / 68      (PUP)
tmp00000084b49470e9f2690cb4  (bd79961ec7c9f7f60a3222a1d3a702c0)

4 / 68      (PUP)
tmp00000023ee11ac38306a54a8  (779c88ae292f13ecd624009d572b279e)

11 / 68    (PUP)
wintaske.exe  (5e53f9eb5131b53252b76fb5ccf2e3db)

4 / 68      (PUP)
tmp00000001025001e0d2c077ba  (dde200283c2c4038ac88886ab667432d)

1 / 68      (PUP)
wintaske.exe  (5a7db1574bf41873ebf00824b349fb85)

1 / 68      (PUP)
winsere.exe  (a7286a81a35230e3bb99741cff82dc60)

1 / 68      (PUP)
winsere.exe  (a85988c63d3d08f56593151d82fef333)

4 / 68      (PUP)
wintaske.exe  (ad876ebb59371912ef14e06c6985acd9)

1 / 68      (PUP)
wintaske.exe  (181201cee4bfc0636ef7e8c49225ff84)

1 / 68      (PUP)
winsere.exe  (68084b96bee2704e0c585562785387cd)

13 / 68    (PUP)
wintaske.exe  (dd2053fad85f26e57c8679bfc1683d74)

5 / 68      (PUP)
tmp000000032473131bd6c380d9  (af37120c8891690629bdb8421be84698)

4 / 68      (PUP)
tmp00000002e4ea6d614384e33b  (5a39558737faeab67e2601d29057e858)

4 / 68      (PUP)
winsere.exe  (1a6ee659663977fafb448204113e4a8e)

4 / 68      (PUP)
tmp000017a32729722908a10bd0  (54be980ef4885a24046e922694abcdc9)

1 / 68      (PUP)
winsere.exe  (5fb7c87bd4e3717cfc3872c1982a4131)

1 / 68      (PUP)
winsere.exe  (4acf1f75d68539ee5c1f271db373ec1c)

 
Latest 30 of 59 files

The certificates below are also signed by Yan Jiang.

0D086736E024A587D6959B6C9B0C8655  (Mar 14, 2016 to Nov 26, 2016)

0598E5864B2E0395E5EBA045B12A8741  (Apr 04, 2016 to Nov 25, 2016)

* Note, the details and description above are based on the code signing digital signature issued to Yan Jiang by thawte, Inc. on November 26, 2015 with the serial number '5da147cd5813dfb43c70c7fd0a1b8461'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.