home

CBSI.AppStore.Main.exe

Download App

CBS Interactive

The application CBSI.AppStore.Main.exe, “Download App Store” by CBS Interactive has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program Download App by CBS Interactive which is a potentially unwanted software program. While running, it connects to the Internet address phx1-rb-columbia-ca-lb.cnet.com on port 443.
Publisher:
CBS Interactive Inc.  (signed by CBS Interactive)

Product:
Download App

Description:
Download App Store

Version:
1.6.5.165

MD5:
3dc70fc8d920207341ff44074c15d3f0

SHA-1:
e2c898e6bc90407cebfa9d67917983785ef0438f

SHA-256:
fa0b8117f5986e91371554e25c055df18bed3181b364064214bb4e2733260f1a

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
4/23/2024 11:38:59 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Bundler.PPI.CBSInteractive.Q
14.3.18.8

File size:
1.4 MB (1,505,928 bytes)

Product version:
1.6.5.165

Copyright:
©2014 CBS Interactive Inc. All rights reserved.

Original file name:
CBSI.AppStore.Main.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\roaming\cbs interactive\download app\cbsi.appstore.main.exe

Digital Signature
Signed by:
CBS Interactive

Authority:
VeriSign, Inc.

Valid from:
7/21/2013 6:00:00 PM

Valid to:
8/21/2015 5:59:59 PM

Subject:
CN=CBS Interactive, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=CBS Interactive, L=San Francisco, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
4E4BA2EE1F4C2B3D88BE589DA3471167

File PE Metadata
Compilation timestamp:
3/5/2014 5:30:59 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:GSLGEP1E2429fvMSzIDKgFlXXZnkq7ULN7tjyZy/1/+Lx9LDzwvLZz/DtvUtMWXd:nLGEPucV0zfnkRL/juWGtDz

Entry address:
0x671F0

Entry point:
E8, 15, 06, 00, 00, E9, 24, FD, FF, FF, CC, CC, CC, CC, CC, CC, FF, 25, 60, 14, 47, 00, FF, 25, 64, 14, 47, 00, FF, 25, 68, 14, 47, 00, FF, 25, 6C, 14, 47, 00, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 20, B0, 48, 00, 33, C5, 50, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 20, B0, 48, 00, 33, C5, 50, 89, 65, F0, FF, 75, FC...
 
[+]

Entropy:
4.8848

Code size:
447 KB (457,728 bytes)

The file CBSI.AppStore.Main.exe has been discovered within the following program.

Download App  by CBS Interactive
Publisher's description - “The Download App is a free application from Download.com that helps update the software on your Windows computer. The Download App will scan your computer and notify you when updates are available for the software you have installed.”
www.cnet.com/techtracker
62% remove it
 
Powered by Should I Remove It?

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to phx2-dw-cbsi-xw-lb.cnet.com  (216.239.120.246:80)

TCP (HTTP SSL):
Connects to phx1-rb-columbia-ca-lb.cnet.com  (64.30.224.92:443)

Remove CBSI.AppStore.Main.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.