webcakelayers.crx

WebCake

The WebCake Chrome extension is a Yontoo powered adware component that injects advertising in the user's web browser in the form of banner, in-text links or popups. The file webcakelayers.crx has been detected as a potentially unwanted program by 6 anti-malware scanners. It loads within the context of Google Chrome as a compliled extension with the display name of WebCake. By plugging into the web browser, this extension will inject advertisements both banner and context hyperlinks based on the web sites being visited. It can be installed from the program's website or it may be bundled by third-party software installation programs.
Remove webcakelayers.crx - Powered by Reason Core Security
MD5:
f194a9ddf310e9f47d94b2aba2aee806

SHA-1:
5cef1a45b244b6e2105932febc008f0f45b28db0

SHA-256:
8be8599fa954a1abc9fd1cb4eba639fde0b38178c67e1e5fc71876c690bf3215

Scanner detections:
6 / 68

Status:
Potentially unwanted

Explanation:
Injects advertising in the web browser in various formats.

Analysis date:
12/8/2016 5:06:38 AM UTC  (today)

Scan engine
Detection
Engine version

Boost by Reason
Optional.ChromePlugin.Q
188838

ESET NOD32
JS/Adware.Yontoo.B application
7.0.302.0

IKARUS anti.virus
AdWare.WebCake
t3scan.1.6.1.0

Microsoft Security Essentials
Threat.Undefined
1.175.1840.0

Qihoo 360 Security
Script/Trojan.Adware.f4b
1.0.0.1015

Reason Heuristics
Adware.WebCake.ChromePlugin.Q
14.6.10.17

Remove webcakelayers.crx - Powered by Reason Core Security
File size:
3 KB (3,037 bytes)

File type:
CRX Package Format (zip file with special header)

Common path:
C:\Program Files\webcake\webcakelayers.crx

Google Chrome Extension
ID:
fjoijdanhaiflhibkljeklcghcmmfffh

Version:
1.0.3

Display name:
WebCake

Description:
Add WebCake to your web experience.

Update URL:
https://www-cdn.getwebcake.com/update/chrome


The executing file has been seen to make the following network communication in live environments.

TCP (HTTP SSL):
Connects to www-cdn.getwebcake.com  (8.25.35.154:443)

 
https://www-cdn.getwebcake.com/update/chrome

{
  "manifest_version": 2,
  "name": "WebCake",
  "description": "Add WebCake to your web experience.",
  "version": "1.0.3",
  "icons": {
    "48": "wc_48.png"
  },
  "permissions": [
    "tabs",
    "<all_urls>"
  ],
  "content_security_policy": "script-src 'self' 'unsafe-eval'; object-src 'self'",
  "content_scripts": [
    {
      "matches": [
        "<all_urls>"
      ],
      "js": [
        "yl.js"
      ],
      "run_at": "document_end"
    }
  ],
  "background": {
    "scripts": [
      "back.js"
    ]
  },
  "update_url": "https://www-cdn.getwebcake.com/update/chrome"
}
Remove webcakelayers.crx - Powered by Reason Core Security