Hello again, sorry for being slow on the posting lately. I blame it on the cold I caught last week. Anyway, I just wanted to give you the heads-up on a publisher called PSK LOGEUM LLC, which according to the embedded certificate appears to be located in Russia.
The reason I’m writing this blog post is that the PSK LOGEUM LLC file is detected by a few of the anti-virus programs. McAfee reports it as BehavesLike.Win32.Dropper.ch and Qihoo reports it as Win32/Rootkit.Rootkig.7e5.
When I tested the PSK LOGEUM LLC file, it installed adware called BlockAndSurf.
Did you also find a PSK LOGEUM LLC file? What kind of download was it? If you remember the download link, please post it in the comments below.
Thanks for reading.
hxxp://installdownload.net/fJuzTKCYBhByEU/?lp=pYuNFgA&fn=R2FyeSdzX01vZF92MTMuMDYuMDc=&channel=pbbm&ts=1411050354
URL: hxxp://amazingspeeds.net/39BJLxDgCI/?lp=093d459b&fln=Rm9ybXVsYS4xLjIwMTQuSmFwYW5lc2UuR3JhbmQuUHJpeC5SYWNlLkJCQy1TTS5tcDQ=&channel=ktdlb&aff=2&ts=1412622589
CONTENT ADVERTIZED: 2014 Japanese F1 race video file. However, it was a .exe so I deleted it.
I wish I had read this sooner. After executing a program from them, I could no longer connect to any network.
Almost every file I download and try to install through utorrent has the PSK Logeum LLC signature. It’s almost impossible to get anything from piratebay that doesn’t have it. So I’ve NEVER downloaded anything from there.
hxxp://amazingstuff.mx/index.php/dAedlzw6ZPkyoL/rlViF?&rk=&channel=pbanl&fln=VGhlIFdhbGtpbmcgRGVhZCBTZWFzb24gNSBTMDVFMDEgU2FuY3R1YXJ5IDcyMHAgd2ViIGRsIHgyNjQ=&ts=1414865541
Through pirate bay
I uploaded the PSK LOGEUM LLC file from amazingstuff.mx. The detection rate is much better for this one:
* AVG Generic5.CGGV 20141102
* AVware Trojan.Win32.Generic!BT 20141031
* Ad-Aware Gen:Variant.Application.Barys.35597 20141102
* Agnitum PUA.WiseInstaller! 20141101
* AhnLab-V3 PUP/Win32.SmartInstaller 20141101
* Antiy-AVL GrayWare[AdWare:not-a-virus]/Win32.SmartInstaller 20141102
* BitDefender Gen:Variant.Application.Barys.35597 20141102
* ClamAV Win.Adware.Smartinstaller 20141102
* Comodo Application.Win32.SmartInstaller.B 20141102
* DrWeb Adware.Downware.8658 20141102
* ESET-NOD32 Win32/AdWare.WiseInstaller.A 20141102
* F-Prot W32/A-7fa7b163!Eldorado 20141031
* F-Secure Gen:Variant.Application.Barys 20141102
* GData Gen:Variant.Application.Barys.35597 20141102
* Ikarus PUA.WiseInstaller 20141101
* K7AntiVirus Adware ( 004af5201 ) 20141031
* K7GW Adware ( 004af5201 ) 20141031
* Kaspersky not-a-virus:AdWare.Win32.SmartInstaller.a 20141102
* Malwarebytes PUP.Optional.SmartInstaller 20141102
* McAfee Artemis!7778AB97DA77 20141102
* MicroWorld-eScan Gen:Variant.Application.Barys.35597 20141101
* NANO-Antivirus Riskware.Win32.SmartInstaller.dgkdju 20141102
* Qihoo-360 Malware.QVM06.Gen 20141102
* SUPERAntiSpyware PUP.SmartInstaller/Variant 20141101
* Sophos SmartInstaller 20141031
* VBA32 AdWare.SmartInstaller 20141031
* Zillya Adware.SmartInstaller.Win32.3 20141101
* nProtect Trojan-Clicker/W32.SmartInstaller.682504 20141031
I tried running the file and it installed “WebSearches”, “TinyWallet” and “Browser Warden”.