Hi there! Just wanted to give you the heads-up on suspicious file I found right now before having my lunch. The file is named FlashPlayer__6741_i1404957756_il13.exe and digitally signed by SVAN TRANS LLC.
You can also see the SVAN TRANS LLC certificate by looking under the Digital Signature tab on the file’s properties. According to the certificate, SVAN TRANS LLC is located in Kiev, Ukraine.
The issue is that FlashPlayer__6741_i1404957756_il13.exe is not an official Flash Player download. If it was, it would be digitally signed by Adobe Systems Incorporated, and not by some unknown company from Ukraine.
25% of the scanners detected the file. The FlashPlayer__6741_i1404957756_il13.exe file is detected as PUA.Amonetize! by Agnitum, Gen:Variant.Application.Jaik by F-Secure and PUP.Optional.Amonetize by Malwarebytes. Thanks to VirusTotal for the scan report.
Since some of the anti-virus programs detected the SVAN TRANS LLC file, I got curious and decided to test it to see what it installed. After stepping though the installer, Salus Net Protector, RocketTab and My Start Search were disclosed.
Did you also find an SVAN TRANS LLC? Do you remember the download link? Please post it in the comments below and I’ll upload it to VirusTotal to see if that one is also detected.
Thanks for reading.
Found Svan trans llc here
hxxp://www.gamezhacktool .com/2014/04/bulu-monster-hack-tool-free-download.html
Thank you Nick, here’s the report for that file:
http://www.freefixer.com/library/file/Bulu%20MonsterHackToolSetup__8686_il57374.exe-152560/
hxxp://sh.st/uxhzP
Detection for that file: 18/55. Graftor and Amonetize are some of the detection names.
Supposedly a hack for Tanki Online.
hxxp://www.realcheats. net/android-tools/tanki-online-hack-tool-2014-crystal-hack/
Detection rate for that file: 8 / 55. It’s also called Graftor and Amonetiz.
File detected here
hxxp://youhackfree.blogspot .ro/2014/02/league-of-angels-diamonds-and-gold-hack.html
Is it Dangerous if i have downloaded one of these?
Don’t run that file. Although I don’t have the exact copy as you do, it will probably bundle lots of unwanted programs.
File detected here
hxxp://youhackfree.blogspot. ro/2014/02/league-of-angels-diamonds-and-gold-hack.html
Hello Cristi,
Here’s the detection results for that file:
http://www.freefixer.com/library/file/LeagueOfAngelsHackTool__7934_il1045735.exe-154048/
My friend sent me this hxxp://x. co/57qaj
and it’s SVAN trans llc
Hi Luke,
Here’s the detections for the file you found:
http://www.freefixer.com/library/file/Launcher__5160_i1418582349_il899349.exe-154049/
Here:
hxxp://www.remicblogs. com/bestebooksblog/2014/12/04/download-greek-tragedy-literary-study-online/