chmjbmkmgbfcjchbimamdpopjkmkbioi.crx

CommonShare

This is a Chrome web browser extension which contains the installable app and manifest file. The file chmjbmkmgbfcjchbimamdpopjkmkbioi.crx has been detected as a potentially unwanted program by 7 anti-malware scanners. It loads within the context of Google Chrome as a compliled extension with the display name of CommonShare. Additionally, the file is typically installed by a number of programs including CommonShare by Yontoo Technology, Inc. and Buzzdock by Alactro LLC, both potentially unwanted software. It will plug into the web browser and display context-based advertisements by overwriting existing ads or by inserting new ones on various web pages.
MD5:
9383f32be980c9975dd6b03b2ae4c094

SHA-1:
2490183e28142084ba482ec7ace2137fabfa9ff7

SHA-256:
e9fff83c9216222326ae719f580dfecc4451c97f2e8fe9cef7a365ae42605138

Scanner detections:
7 / 68

Status:
Potentially unwanted

Explanation:
Injects advertising in the web browser in various formats.

Analysis date:
11/21/2017 8:16:53 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
ADWARE/BrowseFox.RA
8.3.1.6

Dr.Web
infected with Trojan.Yontoo.444
9.0.1.05190

ESET NOD32
Win32/BrowseFox.Q potentially unwanted application
7.0.302.0

NANO AntiVirus
Trojan.Script.Yontoo.drovsu
0.30.24.3079

Quick Heal
Browser.MalExt.J
8.15.14.00

Reason Heuristics
Adware.Yontoo.ChromePlugin
15.8.27.3

Trend Micro House Call
Suspicious_GEN.F47V0104
7.2.239

File size:
4.8 KB (4,956 bytes)

File type:
CRX Package Format (zip file with special header)

Common path:
C:\Program Files\commonshare\chmjbmkmgbfcjchbimamdpopjkmkbioi.crx

Google Chrome Extension
ID:
CommonShare

Display name:
CommonShare

Update URL:
http://wwwcommonsharene-a.akamaihd.net/update/chrome


The file chmjbmkmgbfcjchbimamdpopjkmkbioi.crx has been discovered within the following programs.

Buzzdock  by Alactro LLC
This is a web browser extension that injects advertising. From the EULA: "Buzzdock is free to download and use. Buzzdock is supported by advertising, and users will see additional ads on websites where Buzzdock features operate.
www.buzzdock.com/faq-support
79% remove it
CommonShare  by Yontoo Technology, Inc.
CommonShare is a potentially unwanted adware program that injects ads into the user's browser. This includes inserting into web pages or displaying ads over parts of existing web page advertisements, banners, coupons or text links that would not otherwise appear.
commonshare.net/support
84% remove it
 
Powered by Should I Remove It?

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):
Connects to wwwcommonsharene-a.akamaihd.net  (23.0.160.32:80)

 
http://wwwcommonsharene-a.akamaihd.net/update/chrome

{
  "manifest_version": 2,
  "name": "CommonShare",
  "description": "",
  "version": "1.0.1",
  "icons": {
    "48": "icon.png"
  },
  "homepage_url": "http://commonshare.net",
  "update_url": "http://wwwcommonsharene-a.akamaihd.net/update/chrome",
  "content_security_policy": "script-src 'self' 'unsafe-eval' https://apicommonsharene-a.akamaihd.net https://api.commonshare.net; object-src 'self'",
  "background": {
    "scripts": [
      "background.js"
    ]
  },
  "content_scripts": [
    {
      "matches": [
        "<all_urls>"
      ],
      "js": [
        "content.js"
      ],
      "run_at": "document_end"
    }
  ],
  "permissions": [
    "storage",
    "tabs",
    "webRequest",
    "webRequestBlocking",
    "management",
    "<all_urls>"
  ]
}
Remove chmjbmkmgbfcjchbimamdpopjkmkbioi.crx - Powered by Reason Core Security