rss reader-codedownloader.exe

Log-Tech Communications LTD

The application rss reader-codedownloader.exe by Log-Tech Communications has been detected as adware by 8 anti-malware scanners. This file is typically installed with the program Rss Reader. Built using the Crossrider web browser toolkit, the CodeDownloader component will automatically connect to the remote API server and download additional code/components for the Rss Reader extension/toolbar. The component makes a number of requests to the host app-static.crossrider.com/plugins/.../monetization/monetizationLoader.js.

Publisher:
Rss Reader (signed by Log-Tech Communications LTD)

Product:
Rss Reader

Description:
Rss Reader exe

Version:
1000.1000.1000.1000

MD5:
cd4254885fe8ce608af6c7b832a54414

SHA-1:
f55838eba31de63b1fb7f5465128750476e40952

SHA-256:
cc4b7633ad08594acf9358a43c3765379726e5f33a0c5247f170ac239d7dd5d2

Scanner detections:
8 / 68

Status:
Adware

Explanation:
The software may change the browser's home page and search provider settings as well as display advertisements.

Note:
Crossrider is the owner of a platform that enables the creation of cross-browser extensions by developers but is not the owner of this detected application. The owner/publisher of this file is Log-Tech Communications LTD.

Analysis date:
4/24/2024 2:40:54 AM UTC

Scan engine         Detection                                 Engine version
AVG                 Generic_r                                 2015.0.3497
Dr.Web              Trojan.Crossrider.19                      9.0.1.0111
ESET NOD32          Win32/Toolbar.CrossRider (variant)        8.9704
McAfee              Artemis!CD4254885FE8                      5600.7153
NANO AntiVirus      Trojan.Win32.Crossrider.csbfcl            0.28.0.59492
Reason Heuristics   PUP.Crossrider.LogTechCommunications.Z    14.5.19.1
Sophos              AppRider                                  4.98
VIPRE Antivirus     Crossrider                                28468

File size:
481.5 KB (493,072 bytes)

Product version:
1000.1000.1000.1000

Copyright:
Copyright 2011

Original file name:
Rss Reader.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\rss reader\rss reader-codedownloader.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
8/1/2013 3:00:00 AM

Valid to:
8/2/2015 2:59:59 AM

Subject:
CN=Log-Tech Communications LTD, OU=my-centrals.com, O=Log-Tech Communications LTD, POBox=50412, STREET=Hamered 29, L=Tel Aviv, S=Ha-Merkaz, PostalCode=50412, C=IL

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
06160AFA468E63FA151CF62BC4D36BEF

File PE Metadata
Compilation timestamp:
8/12/2013 12:43:01 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:mNTaAM0saTRAQltE+8TXFlSNNkoqcVzusljYmJtrqGGvPQgXXLhTDAcBwtpT:mNT141ztFTXq3T

Entry address:
0x45249

Entry point:
E8, FA, B4, 00, 00, E9, 89, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 57, 56, 53, 33, FF, 8B, 44, 24, 14, 0B, C0, 7D, 14, 47, 8B, 54, 24, 10, F7, D8, F7, DA, 83, D8, 00, 89, 44, 24, 14, 89, 54, 24, 10, 8B, 44, 24, 1C, 0B, C0, 7D, 14, 47, 8B, 54, 24, 18, F7, D8, F7, DA, 83, D8, 00, 89, 44, 24, 1C, 89, 54, 24, 18, 0B, C0, 75, 18, 8B, 4C, 24, 18, 8B, 44, 24, 14, 33, D2, F7, F1, 8B, D8, 8B, 44, 24, 10, F7, F1, 8B, D3, EB, 41, 8B, D8, 8B, 4C, 24, 18, 8B, 54, 24, 14, 8B, 44, 24, 10, D1, EB...

Code size:
382 KB (391,168 bytes)

The file rss reader-codedownloader.exe has been discovered within the following program.

Rss Reader  by Rss Reader
About 4% of users remove it

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):
Connects to s3-website-us-east-1.amazonaws.com  (54.231.33.153:80)
