home

Sara Kodama Project

Publisher Information

Sara Kodama Project is a software developer located in Nicosia, Cyprus in CY*. The company is a primary distributor of unwanted software. Part of the Brightcircle group of adware web browser extensions that utilize the Crossrider framework. These extensions are also known as Freven and are designed to utilize the framework in order to inject advertising banners in the underlying web browsers white space or by overlaying new ads over existing ones. Brightcircle distributes its software through malvertising practices such as displaying web pages taht tell the user that various core Windows software is out-dated and needs updating as well as drive-by downloads.
Authority:
COMODO CA Limited

Valid from:
10/20/2014 2:00:00 AM

Valid to:
10/21/2015 1:59:59 AM

Subject:
CN=Sara Kodama Project, O=Sara Kodama Project, STREET=Athinodorou 3, STREET=Dasoupoli Strovolos, L=Nicosia, S=Cyprus, PostalCode=2025, C=CY

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
75e47031a737d2a200f0c7a94034399f

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
Adware.Crossrider (M), PUP.Brightcircle (M)
100.00%

1 / 68      (Adware)
sm23ms-bho64.dll (Sm23mS by smart-saverplus)  (4cc5c16bbd38d1e7c6e7aa5ab04aa445)

1 / 68      (Adware)
gohd-buttonutil64.dll  (dd299d88e35b72ad27531b3401dd6cb0)

1 / 68      (Adware)
sfjfudpluwpa.exe  (651db4bde4d004a4869f73459592bcfb)

1 / 68      (Adware)
easy deals 1.2-bg.exe (Easy Deals 1.2 by Adassistent)  (66f0639c667f3fd833a7a528df8871e0)

1 / 68      (Adware)
enterprise 1.1-bg.exe (enterprise 1.1 by Marketi)  (a17be65777618bdcee226d12b7889f1c)

1 / 68      (Adware)
b3ac7a0d-5426-4257-a559-db9e3c314fc3.exe (Torpedo)  (dacc15a42cd30276e4612d31aecaa7fb)

1 / 68      (Adware)
43691d9a-71a1-479b-9892-f91522675605.dll  (ee94fbd6cd0b309e2fd691b11a1fd253)

1 / 68      (Adware)
palmall-bg.exe (PalMall by BND)  (a4897f57347fe32a5c863f5ecf434453)

1 / 68      (Adware)
cr.exe (by Olemvwcgl & co)  (9332a40248e10233b721c977b02caa58)

1 / 68      (Adware)
sense.exe (by Tjnavruvwgq & co)  (1a6c846d552f3548e85b8832fc93199e)

1 / 68      (Adware)
smartsaver+ 15-bg.exe (SmartSaver+ 15 by smart-saverplus)  (afa9c0a08058eba73b84731a5decfa5c)

1 / 68      (Adware)
33d7da6c-ad41-41ae-af13-a9a456495c01-5.exe (SmartSaver+ 15 by smart-saverplus)  (226325d5673bb429a0e6d112e66630f4)

1 / 68      (Adware)
speedchecker.exe (by Xcdfcwjwgxr & co)  (3ba2377df6edb0a454f354c946072f7b)

1 / 68      (Adware)
15fa55d0-4f4b-47aa-80d6-5cfb13d16f28-2.exe (Internet Speed Checker by Speedchecker)  (d07dcce1be124efadc4d65f2d275ab4d)

1 / 68      (Adware)
d7f5c7ee-48f5-4b60-94c7-4e39fa717782-6.exe (enterprise 1.1 by Marketi)  (30057601f6f6fa2a8647bbf30813db0f)

1 / 68      (Adware)
468ee2d6-ddaf-44af-b497-c669045ffa63.dll  (f3b4555034fbcba96fce61e7dcdb1be5)

1 / 68      (Adware)
a2ff3549-b2f6-4482-950d-3b712186cc66-11.exe (Savepass 2.0 by OB)  (039fe74eece54e24ff260aada2e69241)

1 / 68      (Adware)
4812301c-8380-4c2f-be43-ac5517e87eb0.dll  (9bbf07d7d1cedae4596164592255fe3d)

1 / 68      (Adware)
sense.exe (by Jjgvv & co)  (dd15ba919ea028eedfe70830a3623ca7)

1 / 68      (Adware)
dknogsuckdfsiq.exe  (bc4dc3c63aab4b29a1d81472da1108af)

1 / 68      (Adware)
240040 (Easy Deals v 1.01 by Adassistent)  (5151cc91c62e1fbeb125a06fabd9b84b)

1 / 68      (Adware)
cr.exe (by Asidhkzmdei & co)  (884a01543e4405277e5c03533413d130)

1 / 68      (Adware)
pwjoxris.exe  (e29fcc9e17592ed3727f2bfdbe698997)

1 / 68      (Adware)
fc319fe8-ac37-4498-aa02-27c41bca4269.dll  (cc928193de4a2746aa67efb611e434cc)

1 / 68      (Adware)
airc223.exe (by Czysfnm & co)  (9feb9ce0353a1db8127c129c94d5fa40)

1 / 68      (Adware)
uninstall.exe  (8341bb5acc77a449bc8a64a308690807)

1 / 68      (Adware)
palmall-bho64.dll (PalMall by BND)  (6171e3c1501ba75d1da3529edf0f2f61)

1 / 68      (Adware)
palmall-bho.dll (PalMall by BND)  (3162f8d87321d4f181525608a2795cf0)

1 / 68      (Adware)
palmall-bg.exe (PalMall by BND)  (9d18161e5b72fd3c52ee3888f959900d)

1 / 68      (Adware)
b92c083d-1a2d-4f6c-a3ea-7810ab445cca-64.exe (PalMall by BND)  (ac09497fbb0bfd2db65fd92016955d3b)

 
Latest 30 of 4,610 files

Downloads URLs for files signed by Sara Kodama Project.

1 / 68      (Adware)
http://dl.newinputinfoservice.com/virt/.../sms15.exe  (9feb9ce0353a1db8127c129c94d5fa40)

The following publishers (by Authenticode signature organization name) are related.

Space Battleship Creative

Sushi Apps Club

Railroad Party Apps

Gogo Network Club

Hike Zone Plus

Naruto Source

BadFinger Project (BrightCircle Investments Limited)

Aussie Labs (BrightCircle Investments Limited)

Laroste Apps

Robokid Technologies

Bohr­-ium Group

Radon Battery Technologies

Derzany Network

Krance Development

Stampede Technologies

* Note, the details and description above are based on the code signing digital signature issued to Sara Kodama Project by COMODO CA Limited on October 20, 2014 with the serial number '75e47031a737d2a200f0c7a94034399f'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.