home

c499b3c7-d05c-49f9-a726-42901aa5c3a1-4.exe

Browser_AppS 1.1

Robokid Technologies

By using the Crossrider framework, this web extension is loaded in the web browser and displays advertisments on web pages not affiliated by the extension or company. These unwanted advertisements are injected by the extension in the browser in the form of common ad types such as banners and text-links. The application c499b3c7-d05c-49f9-a726-42901aa5c3a1-4.exe, “Browser_AppS 1.1 exe” by Robokid Technologies has been detected as adware by 16 anti-malware scanners. It is built using the Crossrider cross-browser extension toolkit. While the file utilizes the Crossrider framework and delivery services, it is not owned by Crossrider. It is part of the Brightcircle group of web-extensions that inject advertisements in the browser.
Publisher:
browser  (signed by Robokid Technologies)

Product:
Browser_AppS 1.1

Description:
Browser_AppS 1.1 exe

Version:
1000.1000.1000.1000

MD5:
74ab6d5ce1821b8930e2cd90c17498b8

SHA-1:
bba152fe4a966b7d5ff659dfa8418697e35c2ed1

SHA-256:
a2d0289a2a51311c5972e76a459ecab302f9053df17e7cb3210be3a2c6aa4161

Scanner detections:
16 / 68

Status:
Adware

Explanation:
The software may change the browser's home page and search provider settings as well as display advertisements.

Analysis date:
4/26/2024 3:22:00 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
ADWARE/CrossRider.Gen2
7.11.168.100

AVG
Generic
2015.0.3367

Baidu Antivirus
Adware.Win32.CrossRider
4.0.3.14829

Dr.Web
Trojan.Crossrider.27351
9.0.1.0241

ESET NOD32
Win32/Toolbar.CrossRider.AK (variant)
8.10286

Fortinet FortiGate
Riskware/Toolbar_CrossRider
8/29/2014

IKARUS anti.virus
PUA.CrossRider
t3scan.1.7.5.0

K7 AntiVirus
Trojan
13.183.13113

Malwarebytes
PUP.Optional.BrowserApp.A
v2014.08.29.01

McAfee
Artemis!74AB6D5CE182
5600.7023

NANO AntiVirus
Trojan.Win32.Crossrider.ddhmio
0.28.2.61721

Panda Antivirus
Trj/Genetic.gen
14.08.29.01

Reason Heuristics
PUP.Crossrider.RobokidTechnologies.g
14.8.29.13

Sophos
AppRider
4.98

Trend Micro House Call
Suspicious_GEN.F47V0719
7.2.241

VIPRE Antivirus
Crossrider
32380

File size:
813 KB (832,536 bytes)

Product version:
1000.1000.1000.1000

Copyright:
Copyright 2011

Original file name:
Browser_AppS 1.1.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\browser_apps 1.1\c499b3c7-d05c-49f9-a726-42901aa5c3a1-4.exe

Digital Signature
Signed by:
Robokid Technologies

Authority:
COMODO CA Limited

Valid from:
6/23/2014 2:00:00 AM

Valid to:
6/24/2015 1:59:59 AM

Subject:
CN=Robokid Technologies, O=Robokid Technologies, STREET=Athinodorou 3 Dasoupoli Strovolos, L=Nicosia, S=Cyprus, PostalCode=2025, C=CY

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00ECF35E880AD0F3BC6F82DFB1F2E84CC0

File PE Metadata
Compilation timestamp:
7/18/2014 12:03:31 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
24576:3rfSW4LucDM3NKFxdsoH1BxdmTa8gTorj:qRDoesGjoT5gTorj

Entry address:
0x870AF

Entry point:
E8, 7E, E3, 00, 00, E9, 7F, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, 8B, 4C, 24, 04, F7, C1, 03, 00, 00, 00, 74, 24, 8A, 01, 83, C1, 01, 84, C0, 74, 4E, F7, C1, 03, 00, 00, 00, 75, EF, 05, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8B, 01, BA, FF, FE, FE, 7E, 03, D0, 83, F0, FF, 33, C2, 83, C1, 04, A9, 00, 01, 01, 81, 74, E8, 8B, 41, FC, 84, C0, 74, 32, 84, E4, 74, 24, A9, 00, 00, FF, 00, 74, 13, A9, 00, 00, 00, FF, 74, 02, EB, CD, 8D, 41, FF, 8B, 4C, 24, 04, 2B, C1, C3, 8D, 41...
 
[+]

Entropy:
6.5434

Code size:
665.5 KB (681,472 bytes)

Remove c499b3c7-d05c-49f9-a726-42901aa5c3a1-4.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.