{"id":7119,"date":"2015-08-31T21:48:59","date_gmt":"2015-08-31T21:48:59","guid":{"rendered":"http:\/\/www.freefixer.com\/b\/?p=7119"},"modified":"2015-08-31T21:48:59","modified_gmt":"2015-08-31T21:48:59","slug":"ooo-digital-vei-18-detection-rate-installcore","status":"publish","type":"post","link":"https:\/\/www.freefixer.com\/b\/ooo-digital-vei-18-detection-rate-installcore\/","title":{"rendered":"OOO DIGITAL VEI – 18% Detection Rate – InstallCore"},"content":{"rendered":"

Hello readers! Just a quick post on a publisher called OOO DIGITAL VEI<\/strong> that I found while running some tests for the upcoming FreeFixer release. The suspicious file is named adobe_flash_player.exe.<\/p>\n

\"OOO<\/a><\/p>\n

Viewing the certificate information is also possible by looking under the digital signature tab for the file. Here the certificate says that OOO DIGITAL VEI is located in Moscow, Russa.<\/p>\n

\"OOO<\/a><\/p>\n

And USERTrust and Comodo is upwards in the certificate chain:<\/p>\n

\"OOO<\/a><\/p>\n

What caught my attention was that the download was called adobe_flash_player.exe. This might look like an official Adobe Flash Player<\/strong> download, but it is not. If it was an official download, it should be digitally signed by Adobe Systems Incorporated<\/strong>. Here’s how the authentic Adobe Flash Player<\/strong> looks like when you double click on it. Notice that the “Verified publisher” says “Adobe Systems Incorporated”.
\n\"Adobe<\/a><\/p>\n

The problem with the OOO DIGITAL VEI file is that it is detected by many of the antivirus software. Here are some of the detection names: W32.HfsAdware.90CE, PUP.Optional.Bundle and InstallCore (fs).<\/p>\n

\"OOO<\/a><\/p>\n

Did you also find a OOO DIGITAL VEI download? What kind of download was it?<\/p>\n

Thank you for reading.<\/p>\n","protected":false},"excerpt":{"rendered":"

Hello readers! Just a quick post on a publisher called OOO DIGITAL VEI that I found while running some tests for the upcoming FreeFixer release. The suspicious file is named adobe_flash_player.exe. Viewing the certificate information is also possible by looking under the digital signature tab for the file. Here the certificate says that OOO DIGITAL … Continue reading OOO DIGITAL VEI – 18% Detection Rate – InstallCore<\/span> →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[1],"tags":[726,448,447,725],"_links":{"self":[{"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/posts\/7119"}],"collection":[{"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/comments?post=7119"}],"version-history":[{"count":1,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/posts\/7119\/revisions"}],"predecessor-version":[{"id":7124,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/posts\/7119\/revisions\/7124"}],"wp:attachment":[{"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/media?parent=7119"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/categories?post=7119"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/tags?post=7119"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}