chmjbmkmgbfcjchbimamdpopjkmkbioi.crx

CommonShare

This is a Chrome web browser extension which contains the installable app and manifest file. The file chmjbmkmgbfcjchbimamdpopjkmkbioi.crx has been detected as a potentially unwanted program by 2 anti-malware scanners. It loads within the context of Google Chrome as a compliled extension with the display name of CommonShare. This file is typically installed with the program CommonShare by Yontoo Technology, Inc. which is a potentially unwanted software program. It will plug into the web browser and display context-based advertisements by overwriting existing ads or by inserting new ones on various web pages.
MD5:
4f3047a0a7bfbeb6458037de395a8a71

SHA-1:
4e908ac5f0d25be69475356abdf45e497ed4b3c9

SHA-256:
9a040f9ecc2f84b2f2e9cdd672388c8152356779de51c2b192372bdb8a695c4c

Scanner detections:
2 / 68

Status:
Potentially unwanted

Explanation:
Injects advertising in the web browser in various formats.

Analysis date:
12/13/2018 2:59:22 PM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Win32/BrowseFox
8.10605

Reason Heuristics
Adware.Yontoo.ChromePlugin.d
14.10.22.23

File size:
4.8 KB (4,956 bytes)

File type:
CRX Package Format (zip file with special header)

Common path:
C:\Program Files\commonshare\chmjbmkmgbfcjchbimamdpopjkmkbioi.crx

Google Chrome Extension
ID:
CommonShare

Display name:
CommonShare

Update URL:
http://wwwcommonsharene-a.akamaihd.net/update/chrome


The file chmjbmkmgbfcjchbimamdpopjkmkbioi.crx has been discovered within the following programs.

Buzzdock  by Alactro LLC
This is a web browser extension that injects advertising. From the EULA: "Buzzdock is free to download and use. Buzzdock is supported by advertising, and users will see additional ads on websites where Buzzdock features operate.
www.buzzdock.com/faq-support
79% remove it
CommonShare  by Yontoo Technology, Inc.
CommonShare is a potentially unwanted adware program that injects ads into the user's browser. This includes inserting into web pages or displaying ads over parts of existing web page advertisements, banners, coupons or text links that would not otherwise appear.
commonshare.net/support
84% remove it
 
Powered by Should I Remove It?

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):
Connects to wwwcommonsharene-a.akamaihd.net  (63.88.100.144:80)

 
http://wwwcommonsharene-a.akamaihd.net/update/chrome

{
  "manifest_version": 2,
  "name": "CommonShare",
  "description": "",
  "version": "1.0.1",
  "icons": {
    "48": "icon.png"
  },
  "homepage_url": "http://commonshare.net",
  "update_url": "http://wwwcommonsharene-a.akamaihd.net/update/chrome",
  "content_security_policy": "script-src 'self' 'unsafe-eval' https://apicommonsharene-a.akamaihd.net https://api.commonshare.net; object-src 'self'",
  "background": {
    "scripts": [
      "background.js"
    ]
  },
  "content_scripts": [
    {
      "matches": [
        "<all_urls>"
      ],
      "js": [
        "content.js"
      ],
      "run_at": "document_end"
    }
  ],
  "permissions": [
    "storage",
    "tabs",
    "webRequest",
    "webRequestBlocking",
    "management",
    "<all_urls>"
  ]
}
Remove chmjbmkmgbfcjchbimamdpopjkmkbioi.crx - Powered by Reason Core Security