{"id":2449,"date":"2014-10-27T19:33:00","date_gmt":"2014-10-27T19:33:00","guid":{"rendered":"http:\/\/www.freefixer.com\/b\/?p=2449"},"modified":"2018-05-29T12:01:55","modified_gmt":"2018-05-29T12:01:55","slug":"shetef-solutions-consulting-1998-ltd","status":"publish","type":"post","link":"https:\/\/www.freefixer.com\/b\/shetef-solutions-consulting-1998-ltd\/","title":{"rendered":"Shetef Solutions & Consulting (1998) Ltd. – 25% Detection Rate"},"content":{"rendered":"

Good evening! Lately I’ve been looking on the digital signatures on those files that push various types of unwanted programs. Right now\u00a0I found a new file called FlashPlayer__6741_i1387048386_il2537.exe, digitally signed by Shetef Solutions & Consulting (1998) Ltd.<\/strong>.<\/p>\n

\"Shetef<\/a><\/p>\n

You can also look at the Shetef Solutions & Consulting (1998) Ltd. certificate and digital signature by looking under the Digital Signatures tab on the file’s properties. According to the certificate, Shetef Solutions & Consulting (1998) Ltd. is located in Rannana, Israel. The certificate appears to relatively new. Its validity began on the 13th of October.<\/p>\n

\"Shetef<\/a><\/p>\n

The issue here is that if FlashPlayer__6741_i1387048386_il2537.exe really was an installer file for Flash Player, it should have been digitally signed by Adobe System Incorporated<\/strong> and not by some unknown company. This looks suspicious.<\/p>\n

The VirusTotal<\/a> report shows that the Shetef Solutions & Consulting (1998) Ltd. file should be avoided, since FlashPlayer__6741_i1387048386_il2537.exe is detected as Adware.Downware.8876<\/strong> by DrWeb, Gen:Variant.Graftor.161610<\/strong> by F-Secure and PUP.Optional.Amonetize<\/strong> by Malwarebytes.<\/p>\n

\"Shetef<\/a><\/p>\n

Since the download was detected I decided to give it a try to see what it installed. During my test I could see Wajam, Salus – Net Protector<\/a> and My Start Search install on my lab machine.<\/p>\n

Did you also find a file digitally signed by Shetef Solutions & Consulting (1998) Ltd.? What kind of download was it and where did you find it?<\/p>\n

Thanks for reading.<\/p>\n","protected":false},"excerpt":{"rendered":"

Good evening! Lately I’ve been looking on the digital signatures on those files that push various types of unwanted programs. Right now\u00a0I found a new file called FlashPlayer__6741_i1387048386_il2537.exe, digitally signed by Shetef Solutions & Consulting (1998) Ltd.. You can also look at the Shetef Solutions & Consulting (1998) Ltd. certificate and digital signature by looking … Continue reading Shetef Solutions & Consulting (1998) Ltd. – 25% Detection Rate<\/span> →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[54],"tags":[126,186,98],"_links":{"self":[{"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/posts\/2449"}],"collection":[{"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/comments?post=2449"}],"version-history":[{"count":4,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/posts\/2449\/revisions"}],"predecessor-version":[{"id":2725,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/posts\/2449\/revisions\/2725"}],"wp:attachment":[{"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/media?parent=2449"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/categories?post=2449"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/tags?post=2449"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}