home

cinemap-1.3cv23.11-bg.exe

CinemaP-1.3cV23.11

Winston Project

This adware is a web browser extension that will inject advertising in the browser in the form of unwanted banners and text-links which may link to malware sites and install unwanted software. The application cinemap-1.3cv23.11-bg.exe, “CinemaP-1.3cV23.11 exe” by Winston Project has been detected as adware by 8 anti-malware scanners. Part of the Corssrider web browser platform, the BG executable is a background process that manage various function of the installed extensions in user's browser including managing installation, updates and remote code downloads. It is distributed as part of the Brightcircle group of browser-extensions.
Publisher:
Cinema PlusV23.11  (signed by Winston Project)

Product:
CinemaP-1.3cV23.11

Description:
CinemaP-1.3cV23.11 exe

Version:
1000.1000.1000.1000

MD5:
bbc8ab636fe164c667a066d4987e8092

SHA-1:
310ccff8f2b3d6fba58389ee03e6e08e14f7e7c1

SHA-256:
0dd5a4796f4b76e6a3a50d22ab885d389b9dc729f1477f811f83a37751e6a8bf

Scanner detections:
8 / 68

Status:
Adware

Explanation:
The software may change the browser's home page and search provider settings as well as display advertisements. Distributed through the Brightcircle investments brand.

Note:
Crossrider is the owner of a platform that enables the creation of cross-browser extensions by developers but is not the owner of this detected application. The owner/publisher of this file is Winston Project.

Analysis date:
4/26/2024 4:50:06 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
Adware/CrossRider.KC
7.11.188.92

ESET NOD32
Win32/Toolbar.CrossRider.BA potentially unwanted application
7.0.302.0

Kaspersky
not-a-virus:AdWare.NSIS.Adwapper
15.0.0.463

Malwarebytes
PUP.Optional.CrossRider.A
v2014.11.23.10

Panda Antivirus
Trj/Chgt.N
14.11.23.10

Reason Heuristics
PUP.Crossrider.WinstonProject.T
14.11.29.18

Rising Antivirus
PE:Malware.Obscure!1.9C59
23.00.65.141121

VIPRE Antivirus
Threat.4789396
35010

File size:
519.4 KB (531,864 bytes)

Product version:
1000.1000.1000.1000

Copyright:
Copyright 2011

Original file name:
CinemaP-1.3cV23.11.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\cinemap-1.3cv23.11\cinemap-1.3cv23.11-bg.exe

Digital Signature
Signed by:
Winston Project

Authority:
COMODO CA Limited

Valid from:
10/19/2014 7:00:00 PM

Valid to:
10/20/2015 6:59:59 PM

Subject:
CN=Winston Project, O=Winston Project, STREET=Athinodorou 3, STREET=Dasoupoli Strovolos, L=Nicosia, S=Cyprus, PostalCode=2025, C=CY

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00B312FD1B7F10CF48C48080B24091FB8E

File PE Metadata
Compilation timestamp:
11/22/2014 2:46:08 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
6144:EOAYBBVKLOaMxyRLQDIKuqMrmmSDVAmcXVMDosriC1dbZvmTBSfB4B:htBVO7jzmpcXV1gJxZvmTMfI

Entry address:
0x3F8E5

Entry point:
E8, 72, AE, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, F0, AA, 47, 00, E8, 25, 30, 00, 00, E8, B7, 1B, 00, 00, 0F, B7, F0, 6A, 02, E8, 05, AE, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, F5, 35, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8...
 
[+]

Entropy:
6.5155

Code size:
391.5 KB (400,896 bytes)

Remove cinemap-1.3cv23.11-bg.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.