» Yuanyuan Zhang
Digital Signature
Analysis
Files (13)

Yuanyuan Zhang

Publisher Information

Yuanyuan Zhang is a software publisher located in Beijing, China*. A majority of the programs developed by the company can be classified as adware or other potentially unwanted programs. Thre are 119 additional code signing certificates issued to this publisher.

Authority:

thawte, Inc.

Valid from:

6/3/2016 12:00:00 AM

Valid to:

4/20/2017 11:59:59 PM

Subject:

CN=Yuanyuan Zhang, OU=Individual Developer, O=No Organization Affiliation, L=Beijing, S=Beijing, C=CN

Issuer:

CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:

7e66f70ab6657435621ef2088bc6984d

Scanner detections:

Detections (85% detected)

Scan engine

Details

Detections

Reason Heuristics

PUP.Mutahba (M)

53.85%

Microsoft Security Essentials

Threat.Undefined

53.85%

ESET NOD32

Win32/Floxif.H virus, Win32/Obfuscated.NGK trojan

38.46%

avast!

Win32:Pioneer-C, Win32:Malware-gen

38.46%

Emsisoft Anti-Malware

Win32.Floxif

30.77%

AVG

Win32/Floxif.A

30.77%

F-Prot

W32/Floxif.B

30.77%

Norman

Win32.Floxif.A

30.77%

Kaspersky

Virus.Win32.Pioneer

30.77%

Dr.Web

Win32.FloodFix.7

23.08%

9 / 68 (Malware)

doroghtshejasmoduletask.exe (b8092ec5c000dd80235b1ee042e04d26)

2 / 68 (inconclusive)

tmp0000000299e84ff4f1d1cb50 (b5f51d6f0bd8635a781e3bc9fe920131)

13 / 68 (Malware)

doroghtshejasmoduletask.exe (55a8635e2191aac41f597a4587f387bd)

2 / 68 (inconclusive)

tmp00000001539ae9a0ee84f53e (97be32fbbd5f25b3f325951b72d04c5f)

11 / 68 (Malware)

doroghtshejasmoduletask.exe (61799db708b6d06ff03af625fa7e53ab)

1 / 68 (PUP)

doroghtshejasmoduletask.exe (7218d74a200088187454994ed885b794)

12 / 68 (Malware)

doroghtshejasmoduletask.exe (bc184d005ba59538f52b47600edc3081)

2 / 68 (PUP)

doroghtshejasmoduletask.exe (4e049cc95a05456c319b36e9537b05f8)

1 / 68 (PUP)

hacother.dll (27a48c23229e37da7cf1c4b31d8138eb)

1 / 68 (PUP)

hacother.dll (7ce2b80da8fbe7086233194676590cca)

1 / 68 (PUP)

kunecult.dll (6384fe648696dbb56b79e961e3bd156e)

1 / 68 (PUP)

doroghtshejasmoduletask.exe (700a207ddae3a0bc058449df5f751b9b)

1 / 68 (PUP)

doroghtshejasmoduleservice.html5 (e6fccbf6f024ed53db1ced12ee5e1365)

The certificates below are also signed by Yuanyuan Zhang.

12BC51B31A3CC4B7A8094D83BEC277BD (Dec 27, 2016 to Apr 21, 2017)

3081141C764796D872BBDA12C34F88C0 (Dec 16, 2016 to Apr 21, 2017)

3E7226618C58784C3154021DC17622C6 (Aug 11, 2016 to Apr 21, 2017)

415CDF818C7C924DC84F63AA2531D3C8 (Jul 14, 2016 to Apr 21, 2017)

622FC0CB77EB19E5CCF78E2607D114CA (May 26, 2016 to Apr 21, 2017)

658A86E3C9F53340831B2B6A1056D8DE (Nov 03, 2016 to Apr 21, 2017)

6E90BF185D1CDB99BA109F1709D36FE5 (Jul 01, 2016 to Apr 21, 2017)

726D1406E89243809D9F35DF1FA9F416 (Nov 02, 2016 to Apr 21, 2017)

7B75C6B0A09AFDB9787F6DFF75AE7844 (Oct 17, 2016 to Apr 21, 2017)

04AB8A622B70EF0F2322969A064A4E3E (Jan 18, 2017 to Apr 21, 2017)

10 of 119 code signing certificates issued

* Note, the details and description above are based on the code signing digital signature issued to Yuanyuan Zhang by thawte, Inc. on June 03, 2016 with the serial number '7e66f70ab6657435621ef2088bc6984d'.

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.