Bit Cocktail Ltd.

Publisher Information

Bit Cocktail Ltd. is a software developer located in Herzeliya, Israel*. The publisher primarily developes software that can be classified as adware. There is one additional code signing certificate issued to this publisher.
Remove Bit Cocktail Ltd. Malware - Powered by Reason Core Security
Authority:
Thawte, Inc.

Valid from:
1/17/2012 1:00:00 AM

Valid to:
1/17/2013 12:59:59 AM

Subject:
CN=Bit Cocktail Ltd., O=Bit Cocktail Ltd., L=Herzeliya, S=Herzeliya, C=IL

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
613e461899a05578474d1423cf9cc340

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.BitCocktail.L, PUP.BitCocktail.P, PUP.BitCocktail.X, PUP.Installer.BitCocktail.C, PUP.BitCocktail.C, PUP.BHO.BitCocktail.L, PUP.BitCocktail (M), PUP.BitCocktail.IncrediBar.Installer (M)
100.00%

ESET NOD32
Win32/Toolbar.Perion (variant), Win32/Toolbar.BitCocktail (variant), Win32/Toolbar.Perion.J potentially unwanted (variant)
44.00%

Baidu Antivirus
Trojan.Win32.Agent, Adware.Win64.Perion, Adware.Win32.BitCocktail, Adware.Win32.Perion, Trojan.Win32.Toolbar
42.00%

Trend Micro House Call
TROJ_GEN.F47V0830, TROJ_GEN.F47V0722, HV_AGENT_BK082D22.TOMC, TROJ_GEN.F47V1011, Suspicious_GEN.F47V1109, Suspicious_GEN.F47V0315, Suspicious_GEN.F47V1012
34.00%

Antiy Labs AVL
Trojan/Win32.TSGeneric, Trojan[Packed]/Win32.Katusha, RiskWare[WebToolbar:not-a-virus]/Win32.Perinet
24.00%

Sophos
BitCocktail, PUA 'BitCocktail'
22.00%

Dr.Web
Program.SysTreak.1, Adware.Shopper.918
22.00%

Kingsoft AntiVirus
Win32.Troj.Generic.a.(kcloud), Win32.Troj.Agent2.(kcloud), VIRUS_UNKNOWN
18.00%

NANO AntiVirus
Riskware.Win32.SysTreak.decchs, Trojan.Win32.WebToolbar.degcvu, Riskware.Win32.SysTreak.dfmajo, Riskware.Win32.SysTreak.debebt, Riskware.Win32.SysTreak.deifsf
18.00%

ESET NOD32
Win32/Toolbar.BitCocktail.A potentially unwanted application, Win64/Toolbar.Perion.A potentially unwanted application
16.00%

1 / 68      (PUP)
installerhelper.dll  (362ee9d6b6b3fa487b9f74cd693f7dfd)

1 / 68      (PUP)
extension64.dll  (f04a4c0be1b446012bbb8cf3150e2325)

1 / 68      (PUP)
extensionupdaterservice.exe  (bf6e850a83976068ac5775204d1c3485)

2 / 68      (PUP)
extension32.dll  (94251722fef5b389fbcb168228b75e74)

8 / 68      (PUP)
sg.exe (Web Assistant by IncrediBar)  (fa639fb60af4a576e66585a40ab07a30)

1 / 68      (PUP)
sg_6oyuzvx1ny_inactive.exe (IB Updater by IncrediBar)  (b4721fc387cb2b5fb95f7d3b85dee34e)

1 / 68      (PUP)
extension64.dll  (1f8739d9296133e02d47218921a9e05d)

7 / 68      (PUP)
sg.exe (by IB)  (f6443baeed54084bf5a358e9e08887c2)

1 / 68      (PUP)
sg_6oynv8htly_inactive.exe (Web Assistant by IncrediBar)  (69a1790eb7c4a59c610cdc79d6df989b)

5 / 68      (PUP)
sg_6pqyhve3fh_active.exe (by IB)  (d9c9740f28b777cc279258a60dfcb921)

16 / 68    (PUP)
extensionupdaterservice.exe  (9ad2174eec05bafe7de7b13695943007)

5 / 68      (PUP)
sg.exe (Web Assistant by IB)  (710759cbf1b6d375b739472ed5d4816c)

1 / 68      (PUP)
extensionupdate.exe (Web Assistant by IncrediBar)  (7358d2ef57ff40250bf8c977428d439e)

6 / 68      (PUP)
sg.exe (by IB)  (f17468468be881d711940f6b9bd3680d)

5 / 68      (PUP)
installerhelper.dll  (819c17ea3b1b2f4940708958db71bed7)

5 / 68      (PUP)
extension64.dll  (de32307309bd0148d8622c69916f287d)

3 / 68      (PUP)
extension32.dll  (62a90fff1b19d537f3fe526afad9dc7a)

5 / 68      (PUP)
sg_6oyb9wj3eg_active.exe (by IB)  (d679b90e53f9f46251038e241831435c)

1 / 68      (PUP)
extension64.dll  (2e3a97545ce23903e19c7c5de534e96b)

5 / 68      (PUP)
installerhelper.dll  (0dce94d3aff8d56fb9813377a36dbfae)

1 / 68      (PUP)
extension64.dll  (b1b4502304365b7c398ff1442fbf395b)

9 / 68      (PUP)
sg.exe (Web Assistant by IncrediBar)  (25621af98a14f05351405bf797ee69bd)

1 / 68      (PUP)
extension32.dll  (6df29f14c601a9e29bba30e180a9c23c)

6 / 68      (PUP)
extensionupdaterservice.exe  (c7fe574fdf97543779f0552a67d1061c)

3 / 68      (PUP)
fbflicker.exe (by Guppy)  (fa655ba98b558d5c2f57292a049901f5)

1 / 68      (PUP)
installerhelper.dll  (416a9ea0838b69e26dd46ca0147383c9)

2 / 68      (PUP)
extension64.dll  (dd441f89c962a9a53f6d34927ea55f44)

1 / 68      (PUP)
extension32.dll  (1e15f2b28aa978ada101bfc5d4a27c26)

1 / 68      (PUP)
installerhelper.dll  (3cb7e7c4c5a032a79d822ef5aac0b74a)

4 / 68      (PUP)
extension64.dll  (08b7451bc1f6d20613ead4593fb34c0d)

 
Latest 30 of 93 files

The following certificate is also signed by Bit Cocktail Ltd..

2FF74ED2AFEBAFD72E0750E98DC63C1C  (Nov 11, 2012 to Jan 16, 2014)

Remove Bit Cocktail Ltd. Malware - Powered by Reason Core Security
* Note, the details and description above are based on the code signing digital signature issued to Bit Cocktail Ltd. by Thawte, Inc. on January 17, 2012 with the serial number '613e461899a05578474d1423cf9cc340'.