oopofgccipckckifenoicncegojimpmf.crx

MyEmoticons

This is a Chrome web browser extension which contains the installable app and manifest file. The file oopofgccipckckifenoicncegojimpmf.crx has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat. It loads within the context of Google Chrome as a compiled extension with the display name MyEmoticons. While running, it connects to the Internet address www.myemoticons.com on port 80 using the HTTP protocol.
MD5:
97f719dad2a7f2d71e9086bdcc94daac

SHA-1:
a6e1d131a24a844a33bef26289733e844e92f467

SHA-256:
77d5c3d6205edb8940cddc8c82a0169e0694a98a921e67a10d48bb4f09e22246

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/10/2018 1:29:42 AM UTC  (today)

Scan engine:
Reason Heuristics

Detection:
PUP.Firefox.Extension.MyEmoticons

Engine version:
15.2.11.0

File size:
37.2 KB (38,120 bytes)

File type:
CRX Package Format (zip file with special header)

Common path:
C:\users\{user}\appdata\roaming\myemoticons\oopofgccipckckifenoicncegojimpmf.crx

Google Chrome Extension
ID:
MyEmoticons

Display name:
MyEmoticons

Description:
MyEmoticons

Update URL:
http://www.myemoticons.com/gc/update.xml


The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):
Connects to www.myemoticons.com  (5.79.67.97:80)

 
http://www.myemoticons.com/gc/update.xml

{
  "name": "MyEmoticons",
  "version": "1.0",
  "background_page": "background.html",
  "browser_action": {
    "default_icon": "fbme.png",
    "default_title": "MyEmoticons",
    "popup": "popup.html"
  },
  "icons": {
    "16": "16.png",
    "48": "48.png",
    "128": "128.png"
  },
  "content_scripts": [
    {
      "matches": [
        "*://*.facebook.com/*"
      ],
      "js": [
        "fbme.js"
      ],
      "run_at": "document_end",
      "all_frames": false
    }
  ],
  "description": "MyEmoticons",
  "key": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCuscaxXzWdfLFMeSZYsdnErd688MdPN58mNNK3He21k8p1CmI4g0ityNhYVrGTNIvo3oYfXwcTUOcr+zUGGJ2p+JgcqornO7sR/nRDJMTVInDrvN0eXBmmByDsEnvFIjZySCzON7h89hf2vpHj0F/dYigBpY/PQC0j1zndAOw7iwIDAQAB",
  "homepage_url": "http://www.myemoticons.com",
  "update_url": "http://www.myemoticons.com/gc/update.xml"
}