home

MovieDownloader.exe

MovieDownloader

CoolMirage Ltd.

This is part of a CoolMirage installatation, a potentially unwanted program (PUP) that display ads on the computer. The application MovieDownloader.exe by CoolMirage has been detected as adware by 7 anti-malware scanners. This is a setup program which is used to install the application. This file is typically installed with the program MovieDownloader by 1clickmoviedownloader.com which is a potentially unwanted software program. The setup installer will bundle multiple adware offers during download and setup (based on the user's geographical location) including toolbars, extensions and coupon utilities.
Publisher:
Cool Mirage  (signed by CoolMirage Ltd.)

Product:
MovieDownloader

Version:
1.1.5.0

MD5:
c3c741e00b6e675f6795676e24ee6798

SHA-1:
662d35a7d1988d2dadb4d19489b614c5b8d98290

SHA-256:
83bceab9b19f9dd91dacf3517a3d598cecb83b1f623bd83238bec74314b1b03a

Scanner detections:
7 / 68

Status:
Adware

Explanation:
Bundles a number of adware programs in the installer.

Analysis date:
11/27/2024 1:43:30 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
APPL/CoolMirage.VA.101
7.11.121.78

Comodo Security
UnclassifiedMalware
17480

herdProtect (fuzzy)
variant of freetvdownloader4.exe (Adware)
2014.1.2.13

Malwarebytes
PUP.Optional.CoolMirage.A
v2013.12.25.08

Reason Heuristics
PUP.CoolMirage.P
14.8.7.17

Trend Micro House Call
TROJ_GEN.F47V1026
7.2.359

VIPRE Antivirus
CoolMirage Ltd
24622

File size:
2.6 MB (2,716,664 bytes)

Product version:
1.1.5.0

Copyright:
Copyright © Cool Mirage 2013

Original file name:
MovieDownloader.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\1clickmoviedownloader.com\moviedownloader.exe

Digital Signature
Signed by:
CoolMirage Ltd.

Authority:
Thawte, Inc.

Valid from:
6/6/2013 1:00:00 AM

Valid to:
6/7/2014 12:59:59 AM

Subject:
CN=CoolMirage Ltd., O=CoolMirage Ltd., L=Tel Aviv, S=Israel, C=IL

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
110F603E63C86349A5F243EA06966F33

File PE Metadata
Compilation timestamp:
10/7/2013 6:35:48 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
49152:OKUeeOg2sssgMzAtwi2NlRp3j2J3pK761Y8SerqTRz3P9J+biO3+ukUIbaHvrr/4:VUeeOg2sssjEtwi2yJ5p17qTZeZkzMrM

Entry address:
0x2935FE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
2.6 MB (2,693,120 bytes)

The file MovieDownloader.exe has been discovered within the following program.

MovieDownloader  by 1clickmoviedownloader.com
The MovieDownloader, also known as the Smarter Downloader is a bundled installation using the Optimum Installer monetization platform. Installing the co-bundled software through the modified installer may not be optional.
71% remove it
 
Powered by Should I Remove It?

The file MovieDownloader.exe has been seen being distributed by the following URL.

http://cmpsmarter-downloader.maynemyltf.netdna-cdn.com/MovieDownloader4.exe

Remove MovieDownloader.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.