home

CBSI.AppStore.Main.exe

Download App

CBS Interactive

The application CBSI.AppStore.Main.exe, “Download App Store” by CBS Interactive has been detected as a potentially unwanted program by 2 anti-malware scanners. This file is typically installed with the program Download App by CBS Interactive which is a potentially unwanted software program. While running, it connects to the Internet address 212.199.202.107.static.012.net.il on port 80 using the HTTP protocol.
Publisher:
CBS Interactive Inc.  (signed by CBS Interactive)

Product:
Download App

Description:
Download App Store

Version:
1.6.1.137

MD5:
3c7e2eca0463dcfc03a7c80edaef53f0

SHA-1:
f8159b9c9b1da871b85d6ac40658947235d6cadc

SHA-256:
367b2dd92400b9f616b5e713d6df9efb666178f585f9c959a58bd9b4845cf755

Scanner detections:
2 / 68

Status:
Potentially unwanted

Analysis date:
4/25/2024 8:17:31 AM UTC  (today)

Scan engine
Detection
Engine version

Boost by Reason
Optional.Startup.CBSInteractive.Q
188163

Reason Heuristics
PUP.Startup.CBSInteractive.Q
14.3.1.2

File size:
1.3 MB (1,381,512 bytes)

Product version:
1.6.1.137

Copyright:
©2013 CBS Interactive Inc. All rights reserved.

Original file name:
CBSI.AppStore.Main.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\roaming\cbs interactive\download app\cbsi.appstore.main.exe

Digital Signature
Signed by:
CBS Interactive

Authority:
VeriSign, Inc.

Valid from:
7/21/2013 7:00:00 PM

Valid to:
8/21/2015 6:59:59 PM

Subject:
CN=CBS Interactive, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=CBS Interactive, L=San Francisco, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
4E4BA2EE1F4C2B3D88BE589DA3471167

File PE Metadata
Compilation timestamp:
11/11/2013 3:50:32 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:o+i3tOrmDsu7WTECSpx9dsXC678c7tjyZyU1/+Lx9LDzwvLZz/DtvUtd:HutOrmDssWozxyjuLGtd

Entry address:
0x584EC

Entry point:
E8, D9, 06, 00, 00, E9, 24, FD, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, FF, 25, 2C, E4, 45, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 57, 56, 53, 33, FF, 8B, 44, 24, 14, 0B, C0, 7D, 14, 47, 8B, 54, 24, 10, F7, D8, F7, DA, 83, D8, 00, 89, 44, 24, 14, 89, 54, 24, 10, 8B, 44, 24, 1C, 0B, C0, 7D, 14, 47, 8B, 54, 24, 18, F7, D8, F7, DA, 83, D8, 00, 89, 44, 24, 1C, 89, 54, 24, 18, 0B, C0, 75, 18, 8B, 4C, 24, 18, 8B, 44, 24, 14, 33, D2, F7, F1, 8B, D8, 8B, 44, 24, 10, F7, F1, 8B, D3, EB, 41, 8B, D8, 8B...
 
[+]

Entropy:
4.6841

Code size:
370 KB (378,880 bytes)

User Start Menu Item
Name:
cbsi.appstore.main.exe


The file CBSI.AppStore.Main.exe has been discovered within the following programs.

Download App  by CBS Interactive
Publisher's description - “The Download App is a free application from Download.com that helps update the software on your Windows computer. The Download App will scan your computer and notify you when updates are available for the software you have installed.”
www.cnet.com/techtracker
62% remove it
 
Powered by Should I Remove It?

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to phx2-dw-cbsi-xw-lb.cnet.com  (216.239.120.246:80)

TCP (HTTP):
Connects to bam-4.nr-data.net  (50.31.164.174:80)

TCP (HTTP):
Connects to ec2-54-243-161-87.compute-1.amazonaws.com  (54.243.161.87:80)

TCP (HTTP):
Connects to ec2-52-71-31-137.compute-1.amazonaws.com  (52.71.31.137:80)

TCP (HTTP):
Connects to ec2-52-3-215-241.compute-1.amazonaws.com  (52.3.215.241:80)

TCP (HTTP):
Connects to ec2-34-199-132-228.compute-1.amazonaws.com  (34.199.132.228:80)

TCP (HTTP):
Connects to pub-cust-41.22.183.186.bf.directvnet.com.ar  (186.183.22.41:80)

TCP (HTTP):
Connects to bam-7.nr-data.net  (162.247.242.19:80)

TCP (HTTP):
Connects to a184-51-198-162.deploy.static.akamaitechnologies.com  (184.51.198.162:80)

TCP (HTTP):
Connects to a88-221-53-26.deploy.akamaitechnologies.com  (88.221.53.26:80)

TCP (HTTP):
Connects to a88-221-53-16.deploy.akamaitechnologies.com  (88.221.53.16:80)

TCP (HTTP):
Connects to 82-166-201-187.barak-online.net  (82.166.201.187:80)

TCP (HTTP):
Connects to www.turktelekom.com.tr  (195.175.118.73:80)

TCP (HTTP):
Connects to softbank221110252179.bbtec.net  (221.110.252.179:80)

TCP (HTTP):
Connects to softbank221110252041.bbtec.net  (221.110.252.41:80)

TCP (HTTP):
Connects to pub-cust-40.22.183.186.bf.directvnet.com.ar  (186.183.22.40:80)

TCP (HTTP):
Connects to bam-8.nr-data.net  (162.247.242.20:80)

TCP (HTTP):
Connects to bam-6.nr-data.net  (162.247.242.18:80)

TCP (HTTP):
Connects to a82-94-229-11.deploy.akamaitechnologies.com  (82.94.229.11:80)

TCP (HTTP):
Connects to a23-212-50-41.deploy.static.akamaitechnologies.com  (23.212.50.41:80)

Remove CBSI.AppStore.Main.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.