video-high-chromeinstaller.exe

video-high

The application video-high-chromeinstaller.exe has been detected as adware by 3 anti-malware scanners. This is a setup and installation application; however, the file is not signed with an Authenticode signature from a trusted source. It runs as a scheduled task under the Windows Task Scheduler, triggered to execute each time a user logs in. This file is typically installed with the program video-high by Crossrider Advanced Technologies Ltd. (Platform), which is a potentially unwanted software program. The file utilizes the Crossrider browser extension platform. ChromeInstaller is the component designed to install and manage the extension's Google Chrome integration.
Publisher:
video-high

Product:
video-high

Description:
video-high exe

Version:
1000.1000.1000.1000

MD5:
0a06441e217a47d4505cb868adc9490b

SHA-1:
22f2a33eedd7ba9d5fd0e2cacc722f71abf27a7b

SHA-256:
1033310fbe58bca1ce026ba0ebd4d99c5f3498ee68007ff152490b13e6762253

Scanner detections:
3 / 68

Status:
Adware

Explanation:
Part of the Crossrider toolbar platform. It will download and install the extension for Google Chrome.

Note:
Crossrider is the owner of a platform that enables the creation of cross-browser extensions by developers but is not the owner of this detected application.

Analysis date:
4/19/2024 9:22:50 AM UTC

Scan engine
Detection
Engine version

herdProtect (fuzzy)
2014.4.25.4

Reason Heuristics
PUP.Crossrider.videohigh.AA
14.3.14.11

VIPRE Antivirus
Crossrider
27232

File size:
2 MB (2,051,584 bytes)

Product version:
1000.1000.1000.1000

Copyright:
Copyright 2011

Original file name:
video-high.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\video-high\video-high-chromeinstaller.exe

File PE Metadata
Compilation timestamp:
3/6/2014 4:56:14 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
49152:Ydv04PDPPORbExTX471jN8hBJ68TEpSEgTkNiUzn+nPRx:YdtPjORbExTX471mXJ1h

Entry address:
0xFFE34

Entry point:
E8, 50, 09, 01, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 56, 8B, 75, 08, 85, F6, 78, 09, E8, 83, 0A, 01, 00, 3B, 30, 7C, 07, E8, 7A, 0A, 01, 00, 8B, 30, E8, 6D, 0A, 01, 00, 8B, 04, B0, 5E, 5D, C3, 55, 8B, EC, 56, E8, A7, 5D, 00, 00, 8B, F0, 85, F6, 75, 07, B8, C0, 30, 56, 00, EB, 26, 53, 57, 33, FF, BB, 86, 00, 00, 00, 39, 7E, 24, 75, 1B, 6A, 01, 53, E8, FA, 30, 00, 00, 59, 59, 89, 46, 24, 85, C0, 75, 0A, B8, C0, 30, 56, 00, 5F, 5B, 5E, 5D, C3, FF, 75, 08, 8B, 76, 24, E8, 90, FF, FF, FF, 50, 53, 56, E8, 73, EC...
Code size:
1.1 MB (1,199,616 bytes)

Scheduled Task
Task name:
video-high-chromeinstaller

Trigger:
Logon (Runs on logon)

Action:
video-high-chromeinstaller.exe \rawdata=jffinxx9+arh4g5kvmjh1ypnvr1xf8+fgzg0etxp+


The file video-high-chromeinstaller.exe has been discovered within the following program.

video-high  by Crossrider Advanced Technologies Ltd. (Platform)
This is an ad-supported (adware) web browser extension.
crossrider.com
86% remove it
 
Powered by Should I Remove It?

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to update.srvstatsdata.com  (69.16.175.42:80)

 
http://update.srvstatsdata.com/installer_updates/000165/update.json

TCP (HTTP):
Connects to stats.srvstatsdata.com  (176.32.99.41:80)

TCP (HTTP):
Connects to app-static.crossrider.com  (69.16.175.10:80)
