hd-v1.4-bg.exe

Motoko Group

This adware uses the Crossrider extension platform to inject advertisements into the Internet browser and may modify core browser settings. Ads are delivered as banners and contextual text links and may promote other potentially unwanted software. The application hd-v1.4-bg.exe by Motoko Group has been detected as adware by 9 anti-malware scanners. Part of the Crossrider web browser platform, the BG executable is a background process that manages various functions of the extensions installed in the user's browser, including installation, updates and remote code downloads. It is part of the Brightcircle group of web extensions that inject advertisements in the browser.
Publisher:
HD-V1.4  (signed by Motoko Group)

Product:
HD-V1.4

Description:
HD-V1.4 exe

Version:
1000.1000.1000.1000

MD5:
aed65f5f0534fb1e087d36b73d7de0f6

SHA-1:
2c8bd5f1b9e83d376f143c48aa3abbb7867cee60

SHA-256:
d6ea9fab7cecf802c84c9e8e64fefb322c708a58695237f32d5ffe463a92be93

Scanner detections:
9 / 68

Status:
Adware

Explanation:
The software may change the browser's home page and search provider settings as well as display advertisements.

Note:
Crossrider is the owner of a platform that enables the creation of cross-browser extensions by developers but is not the owner of this detected application. The owner/publisher of this file is Motoko Group.

Analysis date:
4/25/2024 8:47:03 AM UTC

Scan engine | Detection | Engine version
Avira AntiVirus | ADWARE/CrossRider.Gen2 | 7.11.163.240
ESET NOD32 | Win32/Toolbar.CrossRider.AL potentially unwanted application | 7.0.302.0
F-Prot | W32/A-eb9ef301 | v6.4.7.1.166
IKARUS anti.virus | not-a-virus:WebToolbar.CrossRider | t3scan.1.6.1.0
Panda Antivirus | Trj/Genetic.gen | 14.07.25.10
Reason Heuristics | PUP.Crossrider.MotokoGroup.J | 14.7.27.13
Rising Antivirus | PE:Malware.Obscure!1.9C59 | 23.00.65.14723
Sophos | AppRider | 4.98
VIPRE Antivirus | Threat.4789396 | 31208

File size:
590.9 KB (605,032 bytes)

Product version:
1000.1000.1000.1000

Copyright:
Copyright 2011

Original file name:
HD-V1.4.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\hd-v1.4\hd-v1.4-bg.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
7/17/2014 7:00:00 PM

Valid to:
7/18/2015 6:59:59 PM

Subject:
CN=Motoko Group, O=Motoko Group, STREET=Athinodorou 3, STREET=Dasoupoli Strovolos, L=Nicosia, S=Cyprus, PostalCode=2025, C=CY

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00AAFC4F8011F7FD7C00748C990950D28A

File PE Metadata
Compilation timestamp:
7/24/2014 5:07:22 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:1rx3LivUD/468iEV8B8xaSYaEdT9oygCds+s4xKrtEqqTBh:1rx3LivUD/46k09UuUtsTv

Entry address:
0x4EC28

Entry point:
E8, 5F, CC, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, 68, D0, 48, 00, E8, 52, 49, 00, 00, E8, C6, 1C, 00, 00, 0F, B7, F0, 6A, 02, E8, F2, CB, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, 70, 51, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8...
 

Entropy:
6.4569

Code size:
465.5 KB (476,672 bytes)
