gepmionejdbhnmbmancpfepochdgclkh.crx

Glass Bottle

This is a Chrome web browser extension package which contains the installable app and its manifest file. The file gepmionejdbhnmbmancpfepochdgclkh.crx has been detected as a potentially unwanted program by 11 anti-malware scanners. It loads within the context of Google Chrome as a compiled extension with the display name Glass Bottle. It plugs into the web browser and displays context-based advertisements by overwriting existing ads or by inserting new ones on various web pages. While running, it connects to the Internet address cdn.glassbottleapp.com on port 80 using the HTTP protocol.
MD5:
841689a350a96b75456cb2aef41598cb

SHA-1:
0d4aee4a1e8739e06b1a33575bbfebb3cbb60055

SHA-256:
cabdfcf73e0a2327beebe7aec2a50eb147269d05b8a1b16df3e7d0ca2ec0a421

Scanner detections:
11 / 68

Status:
Potentially unwanted

Explanation:
Injects advertising in the web browser in various formats.

Analysis date:
6/21/2018 8:48:33 AM UTC

Scan engine              Detection                      Engine version
Lavasoft Ad-Aware        Adware.JS.BrowseFox.E          5708929
Avira AntiVirus          ADWARE/BrowseFox.gfp           8.3.1.6
Arcabit                  Adware.JS.BrowseFox.E          1.0.0.425
Bitdefender              Adware.JS.BrowseFox.E          1.0.20.915
Emsisoft Anti-Malware    Adware.JS.BrowseFox            10.0.0.5366
F-Secure                 Adware.JS.BrowseFox            11.2015-02-07_5
G Data                   Adware.JS.BrowseFox            15.7.25
MicroWorld eScan         Adware.JS.BrowseFox.E          16.0.0.549
NANO AntiVirus           Trojan.Script.Yontoo.drovsu    0.30.24.2320
Norman                   Adware.JS.BrowseFox.E          02.06.2015 14:23:46
nProtect                 Adware.JS.BrowseFox.E          15.07.02.01

File size:
2.6 KB (2,636 bytes)

File type:
CRX Package Format (zip file with special header)

Common path:
C:\Program Files\glass bottle\extensions\gepmionejdbhnmbmancpfepochdgclkh.crx

Google Chrome Extension
ID:
gepmionejdbhnmbmancpfepochdgclkh.crx

Display name:
Glass Bottle

Update URL:
http://cdn.glassbottleapp.com/update


The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):
Connects to cdn.glassbottleapp.com  (23.67.244.185:80)

 
http://cdn.glassbottleapp.com/update

{
  "background": {
    "scripts": [
      "background.js"
    ]
  },
  "content_scripts": [
    {
      "js": [
        "content.js"
      ],
      "matches": [
        "<all_urls>"
      ],
      "run_at": "document_end"
    }
  ],
  "content_security_policy": "script-src 'self' 'unsafe-eval' https://glassbottle-a.akamaihd.net https://glassbottle-a.akamaihd.net https://cdn.glassbottleapp.com; object-src 'self'",
  "description": "",
  "homepage_url": "http://www.glassbottleapp.com",
  "icons": {
    "48": "icon.png"
  },
  "manifest_version": 2,
  "name": "Glass Bottle",
  "permissions": [
    "management",
    "storage",
    "tabs",
    "webRequest",
    "webRequestBlocking",
    "<all_urls>"
  ],
  "version": "1.0.5656.26734",
  "update_url": "http://cdn.glassbottleapp.com/update"
}