Zhixiong Zhao

Publisher Information

Zhixiong Zhao is a software developer located in Guangzhou, Guangdong, China*.
Authority:
thawte, Inc.

Valid from:
6/1/2015 9:00:00 PM

Valid to:
6/1/2016 8:59:59 PM

Subject:
CN=Zhixiong Zhao, OU=Individual Developer, O=No Organization Affiliation, L=Guangzhou, S=Guandong, C=CN

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
57409ebfebeaf8b7abaf024abacc1a0d

Scanner detections:
Malware distribution  (92% detected)

Scan engine              Details                        Detections
Reason Heuristics        Trojan.Ghokswa (M)             100.00%
Norman                   Gen:Variant.Adware.Ghoskwa.1   4.35%
F-Secure                 Variant.Adware.Ghoskwa         2.17%
Emsisoft Anti-Malware    Gen:Variant.Adware.Ghoskwa     2.17%

Latest 30 of 318 files

* Note: the details and description above are based on the code-signing digital signature issued to Zhixiong Zhao by thawte, Inc. on June 01, 2015 with the serial number '57409ebfebeaf8b7abaf024abacc1a0d'.