home

Yu Bao

Publisher Information

Yu Bao is a software publisher located in Beijing, China*. Thre are 267 additional code signing certificates issued to this publisher.
Authority:
thawte, Inc.

Valid from:
1/21/2017 1:00:00 AM

Valid to:
11/22/2017 12:59:59 AM

Subject:
CN=Yu Bao, OU=Individual Developer, O=No Organization Affiliation, L=Beijing, S=Beijing, C=CN

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
708c988f093cfae968fe5525ca048aba

Scanner detections:
Malware distribution  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP (M)
98.00%

Bkav FE
[Microsoft Visual C++ 8]
2.00%

MicroWorld eScan
Gen:Variant.Sirefef.3437
2.00%

Malwarebytes
Adware.Elex
2.00%

VIPRE Antivirus
Trojan.Win32.Generic
2.00%

K7 AntiVirus
Trojan
2.00%

Baidu Antivirus
Win32.Trojan.Kryptik
2.00%

F-Prot
W32/S-cfe397c3
2.00%

avast!
Win32:Adware-gen [Adw]
2.00%

Bitdefender
Gen:Variant.Sirefef.3437
2.00%

1 / 68      (Malware)
ic-0.36b74b9173acf4.exe  (17e3a85a2667257632259a8908d80d9b)

1 / 68      (Malware)
ic-0.4abc7204151f2c.exe  (a4695370191826962562518b6e9e5580)

1 / 68      (Malware)
ic-0.3b7bd87b5fec18.exe  (33eaec4c3fb584519a3893572e0ffc22)

1 / 68      (Malware)
setup.exe  (dbe8b145f716e5442210375135ff943b)

1 / 68      (Malware)
3gs_lj.exe  (59878bf5c4a45613b98a03730fc1cbdf)

1 / 68      (Malware)
3gs_lj.exe  (e12441ef95d8535c22354ded584628db)

24 / 68    (PUP)
1ub7hrm58.exe  (31735d04aea084bded72ae97fb711d81)

1 / 68      (Malware)
ev75560nu.exe  (6946e451a9a352e1e8354f2e81aba0e5)

1 / 68      (Malware)
dam_ay.exe  (8d39bb5dcc8b8d6901c52b4fb0c006ae)

1 / 68      (Malware)
adv_288.exe  (bcfcea5a50ec0d21053fa885860b9ea4)

1 / 68      (Malware)
dam_ay.exe  (bb1990f407ac19cc88836ad3b08963da)

1 / 68      (Malware)
dam_ay.exe  (308c5c50aebcbbd590ba58923ce6d129)

1 / 68      (Malware)
utfnk64lw.exe  (263b58d9619717661347aea58f263b46)

1 / 68      (Malware)
lyi_my.exe  (f502b92bc980dda48ffb0d809c291624)

1 / 68      (Malware)
adv_288.exe  (306e0e82511e0a27b14ef9cf5f5e8f65)

1 / 68      (Malware)
dam_ay.exe  (681aca81e4d9156582708acbaab3d1fa)

1 / 68      (Malware)
fc41.tmp  (6a4a25f1d7b93bd9b4da523c2efe688e)

1 / 68      (Malware)
of.1.exe  (630ea748dfc30a04f06580760b43095e)

1 / 68      (Malware)
bsxdil5tc.exe  (6ce862af6196700e3bd0f611841492e5)

1 / 68      (Malware)
lyi_my.exe  (7a8231762afd3ae8cb0947662eca879f)

1 / 68      (Malware)
3gs_lj.exe  (97a14b6f7a371003d9399a3f60e1051d)

1 / 68      (Malware)
ic-0.de9c0cff7faa.exe  (233960e89bdce8d97f89b84bdbee8adc)

1 / 68      (Malware)
2cfb.tmp  (00b3f0f3abf58bffb425543bbcfc0314)

1 / 68      (Malware)
0cofg0s83.exe  (c21cfcbb2470b21dd31e3c153b9fef29)

1 / 68      (Malware)
adv_288.exe  (7c970421d1aa36aea29f4c57d334ba8e)

1 / 68      (Malware)
trotux.exe  (7d72f49d177f87a1b4922213981833ea)

1 / 68      (Malware)
ttgvazxe.exe  (ee447a701f7bfd9c92e1dc4c1d07ade0)

1 / 68      (Malware)
5mtxptrw1.exe  (605476032173657a2772c6951ab0a566)

1 / 68      (Malware)
34b4.tmp  (767e53d9c04d30db5f455f37229b1ced)

1 / 68      (Malware)
3gs_lj.exe  (d63cddd1153ae34026c549187cc72887)

 
Latest 30 of 59 files

Downloads URLs for files signed by Yu Bao.

1 / 68      (Malware)
http://d3g1g0k0wwnjag.cloudfront.net/.../dam_ay.exe  (308c5c50aebcbbd590ba58923ce6d129)

1 / 68      (Malware)
http://dgkytklfjrqkb.cloudfront.net/.../yomz.exe  (8628488128d9215adbccb20920502ba2)

1 / 68      (Malware)
http://d3g1g0k0wwnjag.cloudfront.net/.../3gs_lj.exe  (59878bf5c4a45613b98a03730fc1cbdf)

1 / 68      (Malware)
http://d3g1g0k0wwnjag.cloudfront.net/.../dam_ay.exe  (bb1990f407ac19cc88836ad3b08963da)

1 / 68      (Malware)
http://d3g1g0k0wwnjag.cloudfront.net/.../3gs_lj.exe  (c9e71f046df11365545b583d1ccbd1d4)

1 / 68      (Malware)
http://d11m2p9mpffp32.cloudfront.net/.../fss_zt.exe  (630ea748dfc30a04f06580760b43095e)

1 / 68      (Malware)
http://d3g1g0k0wwnjag.cloudfront.net/.../dam_ay.exe  (681aca81e4d9156582708acbaab3d1fa)

1 / 68      (Malware)
http://dgkytklfjrqkb.cloudfront.net/.../yomz.exe  (7605942ad1f8db8f35b4e0d3c94209e7)

1 / 68      (Malware)
http://d3g1g0k0wwnjag.cloudfront.net/.../3gs_lj.exe  (d63cddd1153ae34026c549187cc72887)

1 / 68      (Malware)
http://d3g1g0k0wwnjag.cloudfront.net/.../dam_ay.exe  (8d39bb5dcc8b8d6901c52b4fb0c006ae)

The certificates below are also signed by Yu Bao.

324E4B124A3311B82F185FF09360D184  (Jan 06, 2017 to Nov 22, 2017)

1D3674A5213BF2E51F2E183E408F80E6  (Dec 20, 2016 to Nov 22, 2017)

35CA05C60046DEA03C4A5DF8481B2BF0  (Oct 28, 2016 to Nov 22, 2017)

3CE0BE60AB8302A19B71948EEBC13037  (Jan 11, 2017 to Nov 22, 2017)

43BB3BE4712D02B17D447D6D9B50507C  (Dec 13, 2016 to Nov 22, 2017)

484BF6F7CDB22658B1162CD6BDAA1187  (Oct 27, 2016 to Nov 22, 2017)

7EFDCDBDDDD82397B41ECF4BAAD4DA22  (Jan 23, 2017 to Nov 22, 2017)

54A170102461FDC967ACFAFE4BBBC7F0  (Oct 18, 2016 to Nov 22, 2017)

61B528D05997B8CA693F5E31E637BE7E  (Nov 17, 2016 to Nov 22, 2017)

78FEDF9BCEB6E1DEB5B1C2F81C3A917E  (Dec 29, 2016 to Nov 22, 2017)

10 of 267 code signing certificates issued

* Note, the details and description above are based on the code signing digital signature issued to Yu Bao by thawte, Inc. on January 21, 2017 with the serial number '708c988f093cfae968fe5525ca048aba'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.