color my facebook-bg.exe

Color My Facebook

Safari Developer: (ZMLURJCR77) duvalaugustin@gmail.com

The application color my facebook-bg.exe, “Color My Facebook exe” by Safari Developer: (ZMLURJCR77) duvalaugustin@gmail.com, has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. Part of the Crossrider web browser platform, the BG executable is a background process that manages various functions of the extensions installed in the user's browser, including installation, updates and remote code downloads.
Publisher:
Duval (signed by Safari Developer: (ZMLURJCR77) duvalaugustin@gmail.com)

Product:
Color My Facebook

Description:
Color My Facebook exe

Version:
1000.1000.1000.1000

MD5:
9ffdc9792a45dc4c68d0371b35b6bead

SHA-1:
6cc7a48465aa87fa3be2115dfd2f7c898fb5cdc7

SHA-256:
b71fe5b0d99ed0c1a2852fc98ecfceeb3fa1206da618925cbacd5d4881739aa1

Scanner detections:
1 / 68

Status:
Adware

Explanation:
The software may change the browser's home page and search provider settings as well as display advertisements.

Note:
Crossrider is the owner of a platform that enables the creation of cross-browser extensions by developers but is not the owner of this detected application. The owner/publisher of this file is Safari Developer: (ZMLURJCR77) duvalaugustin@gmail.com.

Analysis date:
4/25/2024 4:14:11 PM UTC

Scan engine:
Reason Heuristics

Detection:
Adware.Crossrider (M)

Engine version:
17.1.25.18

File size:
723.1 KB (740,440 bytes)

Product version:
1000.1000.1000.1000

Copyright:
Copyright 2011

Original file name:
Color My Facebook.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\color my facebook\color my facebook-bg.exe

Digital Signature
Authority:
Apple Inc.

Valid from:
7/16/2012 4:25:00 AM

Valid to:
7/16/2013 4:25:00 AM

Subject:
C=FR, CN=Safari Developer: (ZMLURJCR77) duvalaugustin@gmail.com, OID.0.9.2342.19200300.100.1.1=3MV9W8EA58

Issuer:
CN=Apple Worldwide Developer Relations Certification Authority, OU=Apple Worldwide Developer Relations, O=Apple Inc., C=US

Serial number:
24A43EE61F285A43

File PE Metadata
Compilation timestamp:
8/12/2013 5:44:27 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

Entry address:
0x6FA36

Entry point:
E8, 73, AD, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 8B, 45, 08, 33, C9, 3B, 04, CD, E8, 2E, 4B, 00, 74, 13, 41, 83, F9, 2D, 72, F1, 8D, 48, ED, 83, F9, 11, 77, 0E, 6A, 0D, 58, 5D, C3, 8B, 04, CD, EC, 2E, 4B, 00, 5D, C3, 05, 44, FF, FF, FF, 6A, 0E, 59, 3B, C8, 1B, C0, 23, C1, 83, C0, 08, 5D, C3, E8, 4F, 0E, 00, 00, 85, C0, 75, 06, B8, 50, 30, 4B, 00, C3, 83, C0, 08, C3, E8, 3C, 0E, 00, 00, 85, C0, 75, 06, B8, 54, 30, 4B, 00, C3, 83, C0, 0C, C3, 8B, FF, 55, 8B, EC, 56, E8, E2, FF, FF, FF, 8B, 4D, 08...

Entropy:
6.4882

Code size:
578.5 KB (592,384 bytes)
