CrossriderApp0014326.exe

Social Good Network

Social Good Network, LLC.

This is the Crossrider web browser extension installer, which contains the files for installing a plugin for IE, Chrome and Firefox. It was built by developer (#14326) Mark Stewart at http://crossrider.com/install/14326. While installing the extensions, Crossrider may offer changes to your Internet browser settings. The application CrossriderApp0014326.exe, “Social Good Network Installer” by Social Good Network, has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat. The program is a setup application that uses the Nullsoft Install System installer.

Publisher:
Mark Stewart  (signed by Social Good Network, LLC.)

Product:
Social Good Network

Description:
Social Good Network Installer

Version:
1.34.4.10

MD5:
c6f639dbd084be532d256d4cf29ed2e1

SHA-1:
4a242ba10f58e144576f88e8e9e3e1fb9de46e62

SHA-256:
eea67278f2eb9be3ef036f4f6983c26d68e5a8a56c60c66941d9d85511e9ec6c

Scanner detections:
1 / 68

Status:
Potentially unwanted

Explanation:
Uses the Crossrider extension framework, which may modify the browser's home, new tab and search pages as well as display advertisements such as banner ads and text links.

Note:
Crossrider is the owner of a platform that enables developers to create cross-browser extensions, but it is not the owner of this detected application. The owner/publisher of this file is Social Good Network, LLC.

Analysis date:
4/25/2024 6:52:30 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Installer.SocialGoodNetwork.U

Engine version:
14.5.13.7

File size:
3.5 MB (3,675,936 bytes)

Copyright:
Copyright Mark Stewart

File type:
Executable application (Win32 EXE)

Installer:
Nullsoft Install System

Language:
English (United States)

Common path:
C:\users\{user}\downloads\crossriderapp0014326.exe

Digital Signature
Authority:
GoDaddy.com, Inc.

Valid from:
10/5/2012 2:41:23 PM

Valid to:
10/5/2013 2:41:23 PM

Subject:
CN="Social Good Network, LLC.", O="Social Good Network, LLC.", L=Boise, S=ID, C=US

Issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
2B83AB31219B9F

File PE Metadata
Compilation timestamp:
12/4/2012 5:55:02 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.22

CTPH (ssdeep):
98304:IQetX1wOI9tahgo7kwwepDsPoC0MAVzMcxamL8dvSF+PW:IQeBk34ktepDoorMAV3g0AfW

Entry address:
0x4323

Entry point:
55, 89, E5, 57, 56, 53, 81, EC, AC, 01, 00, 00, FF, 15, 74, C3, 44, 00, C7, 04, 24, 01, 80, 00, 00, FF, 15, 58, C4, 44, 00, 53, C7, 04, 24, 00, 00, 00, 00, FF, 15, 98, C4, 44, 00, 56, A3, 40, 3B, 44, 00, C7, 04, 24, 08, 00, 00, 00, E8, 8D, 3B, 00, 00, A3, 9C, 3B, 44, 00, 8D, 85, 84, FE, FF, FF, 57, C7, 44, 24, 10, 00, 00, 00, 00, C7, 44, 24, 0C, 60, 01, 00, 00, 89, 44, 24, 08, C7, 44, 24, 04, 00, 00, 00, 00, C7, 04, 24, 01, B3, 40, 00, FF, 15, AC, C4, 44, 00, 83, EC, 14, C7, 44, 24, 04, 02, B3, 40, 00, C7...
 

Entropy:
7.9894  (probably packed)

Code size:
34.5 KB (35,328 bytes)

The file CrossriderApp0014326.exe has been seen being distributed by the following URL.

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to stats.statsmyapp.com  (176.32.99.156:80)

TCP (HTTP):
Connects to staging-app.crossrider.com  (149.126.72.103:80)

TCP (HTTP):
Connects to crossrider.com  (199.83.134.103:80)

 
http://crossrider.com/apps/14326/thank_you_page
