home

browsers+_app#s#-bg.exe

Browsers+_App#s#

Micro Yellow Lab

This adware is a web browser extension that will inject advertising in the browser in the form of unwanted banners and text-links which may link to malware sites and install unwanted software. The application browsers+_app#s#-bg.exe, “Browsers+_App#s# exe” by Micro Yellow Lab has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. Part of the Corssrider web browser platform, the BG executable is a background process that manage various function of the installed extensions in user's browser including managing installation, updates and remote code downloads. It is distributed as part of the Brightcircle group of browser-extensions.
Publisher:
app  (signed by Micro Yellow Lab)

Product:
Browsers+_App#s#

Description:
Browsers+_App#s# exe

Version:
1000.1000.1000.1000

MD5:
7c30c6e234ed48b62520651042686a74

SHA-1:
f90f6a67167e0f5efab56c5f5713047cc1a67dd6

SHA-256:
639c056785d3c9c0eeb58c864bcd99e1ba600005f347c8f996a214dc83448327

Scanner detections:
1 / 68

Status:
Adware

Explanation:
The software may change the browser's home page and search provider settings as well as display advertisements. Distributed through the Brightcircle investments brand.

Note:
Crossrider is the owner of a platform that enables the creation of cross-browser extensions by developers but is not the owner of this detected application. The owner/publisher of this file is Micro Yellow Lab.

Analysis date:
4/26/2024 10:49:46 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Adware.Crossrider (M)
17.1.26.0

File size:
605.4 KB (619,936 bytes)

Product version:
1000.1000.1000.1000

Copyright:
Copyright 2011

Original file name:
Browsers+_App#s#.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\browsers+_app#s#\browsers+_app#s#-bg.exe

Digital Signature
Signed by:
Micro Yellow Lab

Authority:
COMODO CA Limited

Valid from:
8/27/2014 9:00:00 PM

Valid to:
8/28/2015 8:59:59 PM

Subject:
CN=Micro Yellow Lab, O=Micro Yellow Lab, STREET=Athinodorou 3, STREET=Dasoupoli Strovolos, L=Nicosia, S=Cyprus, PostalCode=2025, C=CY

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
009AFA5E0D9A7B3EBDF9FADE2F928085CE

File PE Metadata
Compilation timestamp:
10/2/2014 4:37:38 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

Entry address:
0x50E15

Entry point:
E8, 12, CA, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, 68, 06, 49, 00, E8, 55, 49, 00, 00, E8, C9, 1C, 00, 00, 0F, B7, F0, 6A, 02, E8, A5, C9, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, 25, 4F, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8...
 
[+]

Code size:
478.5 KB (489,984 bytes)

Remove browsers+_app#s#-bg.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.