Hello! If you’ve been following me for the last year you know that I’ve been examining many software publishers that put a digital signature on their downloads. Today I found another publisher called LLC “SOFT TRADE LTD”.
Typically you’d see the LLC “SOFT TRADE LTD” publisher name appear when double-clicking on the FlashPlayer__6741_i1609075630_il45347.exe file: It is also possible to check a digital signature by looking at a file’s properties. Here’s a screenshot of the LLC “SOFT TRADE LTD” certificate.
The company is located in Ukraine says the certificate. UserTrust and Comodo is found in the certificate chain:
What caught my attention was that the download was called FlashPlayer__6741_i1609075630_il45347.exe. This might look like an official Adobe Flash Player download, but it is not. If it was an official download, it should be digitally signed by Adobe Systems Incorporated. Here’s how the authentic Adobe Flash Player looks like when you double click on it. Notice that the “Verified publisher” says “Adobe Systems Incorporated”.
Here’s how the LLC “SOFT TRADE LTD” installer looks like:
ADWARE/Amonetize.Gen and a variant of Win32/Amonetize.HN potentially unwanted are some detection names according to VirusTotal:
Did you also find a LLC “SOFT TRADE LTD” file? What kind of download was it? If you remember the download link, please post it in the comments below.
Thank you for reading.
Found this suspect site when trying to find a printer driver. hxxp://korrektbt .hu/services/page.php?q=driver-officejet-pro-1150c-xp
Had a digital signature from LLC “Soft Trade Ltd” on the downloaded file. Did not install after reading your article.
on this webside: hxxps://dailyuploads .net/vn9n5lt3q8gf
I downloaded this file: Kon Boot for Windows 2.5.0.rar__14714_il19494
and surprise:
Installation llr1
LLC “SOFT TRADE LTD”
Did not install!