{"id":7700,"date":"2015-10-07T08:14:28","date_gmt":"2015-10-07T08:14:28","guid":{"rendered":"http:\/\/www.freefixer.com\/b\/?p=7700"},"modified":"2018-05-29T11:55:44","modified_gmt":"2018-05-29T11:55:44","slug":"llc-deka-soft-9-detection-rate-pua-bundler-amonetize-trojan-win32-agent-dxmgor","status":"publish","type":"post","link":"https:\/\/www.freefixer.com\/b\/llc-deka-soft-9-detection-rate-pua-bundler-amonetize-trojan-win32-agent-dxmgor\/","title":{"rendered":"LLC “DEKA-SOFT” – 9% Detection Rate – PUA.Bundler.Amonetize \/ Trojan.Win32.Agent.dxmgor"},"content":{"rendered":"

Hi there! Was looking for some downloads to play around with and found one, digitally signed by LLC “DEKA-SOFT”:<\/strong>\"LLC<\/a><\/p>\n

You can see who the signer is when double-clicking on an executable file. LLC “DEKA-SOFT” appears in the publisher field in the dialog that pops up. It is also possible to check a digital signature by looking at a file’s properties. Here’s a screenshot of the LLC “DEKA-SOFT” certificate.<\/p>\n

\"LLC<\/a><\/p>\n

According to the certificate, DEKASOFT is located Ukraine<\/strong>. Comodo has issued the certificated back in July.<\/p>\n

The reason I’m writing this blog post is that the LLC DEKA-SOFT file is detected by some of the anti-virus software at VirusTotal<\/a>. Ikarus reports PUA.Bundler.Amonetize<\/strong>, ESET-NOD32 names the file as a variant of Win32\/Amonetize.JT potentially unwanted<\/strong>, NANO-Antivirus calls it Trojan.Win32.Agent.dxmgor<\/strong> and Rising detects it as PE:Malware.RDM.14!5.14[F1]<\/strong>.<\/p>\n

\"LLC<\/a><\/p>\n

Did you also find a LLC “DEKA-SOFT” file? Do you remember where you downloaded it?<\/p>\n

Thank you for reading.<\/p>\n","protected":false},"excerpt":{"rendered":"

Hi there! Was looking for some downloads to play around with and found one, digitally signed by LLC “DEKA-SOFT”: You can see who the signer is when double-clicking on an executable file. LLC “DEKA-SOFT” appears in the publisher field in the dialog that pops up. It is also possible to check a digital signature by … Continue reading LLC “DEKA-SOFT” – 9% Detection Rate – PUA.Bundler.Amonetize \/ Trojan.Win32.Agent.dxmgor<\/span> →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[54],"tags":[126,726,305],"_links":{"self":[{"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/posts\/7700"}],"collection":[{"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/comments?post=7700"}],"version-history":[{"count":1,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/posts\/7700\/revisions"}],"predecessor-version":[{"id":7707,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/posts\/7700\/revisions\/7707"}],"wp:attachment":[{"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/media?parent=7700"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/categories?post=7700"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.freefixer.com\/b\/wp-json\/wp\/v2\/tags?post=7700"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}