CoolMirage Ltd.

Publisher Information

CoolMirage Ltd. is a software developer located in Tel Aviv, Israel*. The company is a primary distributor of unwanted software. Thre are 2 additional code signing certificates issued to this publisher.
Remove CoolMirage Ltd. Malware - Powered by Reason Core Security
Authority:
Thawte, Inc.

Valid from:
5/4/2014 2:00:00 AM

Valid to:
6/7/2015 1:59:59 AM

Subject:
CN=CoolMirage Ltd., O=CoolMirage Ltd., L=Tel Aviv, S=Israel, C=IL

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
2b95f61752266b15878adf48e717c64b

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.CoolMirage.P, PUP.CoolMirage.y, PUP.Installer.CoolMirage.EE, PUP.CoolMirage.S, PUP.CoolMirage.V, PUP.CoolMirage.R, PUP.Installer.CoolMirage.BB, PUP.CoolMirage.N, PUP.Installer.CoolMirage.L, PUP.CoolMirage.L, PUP.Installer.CoolMirage.O, PUP.CoolMirage.I, PUP.CoolMirage.BB, PUP.CoolMirage.i, PUP.CoolMirage.Installer, PUP.CoolMirage.Installer (M)
100.00%

VIPRE Antivirus
BubbleDock, CoolMirage Ltd, Threat.4783938, Threat.4791953, Threat.4797709, Threat.4150696, Adware.SweetIM
78.00%

Panda Antivirus
PUP/MultiToolbar.A
78.00%

Dr.Web
Adware.Downware.1263
76.00%

Malwarebytes
PUP.Optional.OneClickDownloader.A, PUP.Optional.VeeHD.A
68.00%

Qihoo 360 Security
Win32/Virus.Adware.47b, HEUR/Malware.QVM06.Gen, Win32/Application.93a
66.00%

Kingsoft AntiVirus
Win32.Troj.Generic.a.(kcloud), Test.Win32.Heur.KVML200064.a.(kcloud)
56.00%

McAfee
Artemis!7CC1358174FC, Adware-SweetIM, Program.Artemis!2D98774F772C, Artemis!2C161B1779C3, Program.Adware-SweetIM, Program.Artemis!26A360F18F25, Artemis!B829E5913AAF
46.00%

Sophos
CoolMirage, PUA 'CoolMirage'
46.00%

AVG
Generic, Could be an adware MultiBundle
36.00%

1 / 68      (Adware)
rio_2_2014_readnfo_r4_dvdrip_line_hellraz0r.exe  (89a934202c9917a886359377b30637bb)

1 / 68      (Adware)
00000000  (69c96cf75c03fc9c32eb1ff243aa37ad)

1 / 68      (Adware)
vipboxsportsappsinstall(18_3f_2)_ie.exe  (8cfc23c83c56b971b158fac3c5dcae16)

1 / 68      (Adware)
hdflashplayer-chrome.exe  (74ddaf1ea2208e7057c9929580a8c5d1)

1 / 68      (Adware)

1 / 68      (Adware)
hdflashplayer-chrome.exe  (87280a3dc639f553caba12fb0afd6877)

1 / 68      (Adware)
hindi_karaoke.exe  (5263189e3b1d6d698a92d2beadf0523f)

1 / 68      (Adware)
n7oe1dga.exe  (7c584f45116c4737d9bf9931013c0a65)

1 / 68      (Adware)
00000000  (bdcda3e249a483264edfdc64ec265eea)

1 / 68      (Adware)
vipbox_download.exe  (9e5dc78c8c702737eeacfe9c640053eb)

14 / 68    (Adware)
hdvid-codec-ff.exe  (a95ab6f6c24fe6d4ed58b6864de84364)

9 / 68      (Adware)
00000000  (d8e1899282a4702c7d76587365ff4159)

8 / 68      (Adware)
hdflashplayer-chrome.exe  (627cddeed756cd78774727515f146445)

11 / 68    (Adware)
vipboxsportsapp_setup(18_3f)_vbsa--hs_ie.exe  (b829e5913aafd44db405c950b9a27780)

13 / 68    (Adware)
3dmark_11_pro_1.0.3_crack.exe  (944bf6268eeca5566ee155c15f4044bd)

10 / 68    (Adware)
00000002  (d0f1a16b0a7f554c2847f44607c0e5fc)

28 / 68    (Adware)
love_rosie.exe  (7302a369604d041daa9b62b1f7938e83)

28 / 68    (Adware)
00000000  (ae6eeb212dec0bd2760ed4904e0ca7a8)

26 / 68    (Adware)
kanye_west_only_one_ft_paul_mccartney.exe  (703bcd552f4a66c6aa31095e8ffd6682)

27 / 68    (Adware)
00000001  (26a360f18f251e34d7a52398099c3835)

1 / 68      (Adware)
af6d76ee4a758a3600840e7d2079e39a9a03da5d.exe  (e6a410642971b5d81f329df6666f68e4)

9 / 68      (Adware)
00000001  (bb5d4b1e480f5ca784e089fbc202af92)

26 / 68    (Adware)
lotto_sorcerer_x_v7.1_keygen.exe  (ee70fa2edd8a4931165618cf24d66996)

10 / 68    (Adware)
00000000  (150894312bc772cc7681ede161148e13)

10 / 68    (Adware)
hdflashplayer-chrome.exe  (e214f7319f8b144ddc1c463819ec07d1)

26 / 68    (Adware)
00000001  (bbc1368cdbaf3e0a068021dc4bec3858)

10 / 68    (Adware)
00000000  (1a48aeeb2993eaa55d1553a93e66f6ae)

18 / 68    (Adware)
veehd_setup.exe  (2b836b436be7c1499fc42a9175e2e72d)

11 / 68    (Adware)
lina_romay_rolls_royce_baby_01.exe  (5fde36a642d863920ee3187f514d4f49)

15 / 68    (Adware)
f2all_download.exe  (97d4eaed742cc29f8c96ce7518e06309)

 
Latest 30 of 54 files

Downloads URLs for files signed by CoolMirage Ltd..

18 / 68    (Adware)
https://www.hdvidcodecs.com/.../HDvid-codec-Chrome.exe  (2c161b1779c3be3b1fecccc254fff985)

9 / 68      (Adware)
http://www.torntv-dl.com/.../cantajuegos_mp3.exe  (8b53644e71662cc6751224fddd057337)

10 / 68    (Adware)

10 / 68    (Adware)
https://www.hdvidcodecs.com/.../HDFlashPlayer-Chrome.exe  (e214f7319f8b144ddc1c463819ec07d1)

9 / 68      (Adware)

8 / 68      (Adware)

9 / 68      (Adware)

15 / 68    (Adware)
https://www.freehdsportsappdl.com/.../f2all_download.exe  (97d4eaed742cc29f8c96ce7518e06309)

9 / 68      (Adware)

19 / 68    (Adware)

23 / 68    (Adware)
http://www.clickandownload.com/.../Th3.8p053.Scr.exe  (2d98774f772cb712f9480a0cd7e403b1)

8 / 68      (Adware)

14 / 68    (Adware)
https://www.hdvidcodecs.com/.../VeeHD_Setup.exe  (91c26553bf7460b940bad6c215525f6d)

9 / 68      (Adware)

2 / 68      (Adware)
https://www.hdvidcodecs.com/.../HDFlashPlayer-Chrome.exe  (a825ca242e8024cd3f96bbc6b0ef7fdf)

15 / 68    (Adware)
https://www.freehdsportsappdl.com/.../atdhd_download.exe  (cd723cb6bfe6faf1617ca62234469a83)

9 / 68      (Adware)
http://www.torntv-dl.com/.../qbjaybnq.exe  (8b53644e71662cc6751224fddd057337)

7 / 68      (Adware)

9 / 68      (Adware)

9 / 68      (Adware)
http://www.torntv-dl.com/.../Kangoku Senkan.exe  (d1fe98428978ec4621a4f2e6b093c2f1)

7 / 68      (Adware)

7 / 68      (Adware)

9 / 68      (Adware)

10 / 68    (Adware)
https://www.hdvidcodecs.com/.../HDvid-codec-Chrome.exe  (7cc1358174fcaa70315e4fd02b538637)

8 / 68      (Adware)
https://www.freehdsportsappdl.com/.../vipbox_download.exe  (2dad73fff25c5f6708c146c0170775b1)

 
Latest 30 of 30 download URLs

The following websites host and distribute files published by CoolMirage Ltd..

The certificates below are also signed by CoolMirage Ltd..

029E9B7F7CD982D1F52BA19EDA66E340  (Aug 26, 2014 to Nov 10, 2015)

110F603E63C86349A5F243EA06966F33  (Jun 05, 2013 to Jun 06, 2014)

The following publishers (by Authenticode signature organization name) are related.

Remove CoolMirage Ltd. Malware - Powered by Reason Core Security
* Note, the details and description above are based on the code signing digital signature issued to CoolMirage Ltd. by Thawte, Inc. on May 04, 2014 with the serial number '2b95f61752266b15878adf48e717c64b'.