chrome_frame_helper.exe

Google Chrome Frame

Limited Liability Company Ucoz Media

The application chrome_frame_helper.exe (“Chrome Frame renders the Web of the future in the browsers of the past. It's like strapping a rocket engine to a minivan.”) by Limited Liability Company Ucoz Media has been detected as adware by 1 anti-malware scanner, with very strong indications that the file is a potential threat.

Publisher:
The Chromium Authors  (signed by Limited Liability Company Ucoz Media)

Product:
Google Chrome Frame

Description:
Chrome Frame renders the Web of the future in the browsers of the past. It's like strapping a rocket engine to a minivan.

Version:
22.0.1229.79

MD5:
9531e48181372d0fd8b24c5e0b0941f3

SHA-1:
20e2c3d3f0a75edbae601d53da5d495582c735f3

SHA-256:
5190afe7d60abf0b78559dc62d9b132e17d1005f385163ea807c63bbb64f2c6d

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
12/23/2024 11:39:44 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.LimitedLiabilityCompanyUcozMedia (M)

Engine version:
16.2.23.14

File size:
78.5 KB (80,344 bytes)

Product version:
22.0.1229.79

Copyright:
Copyright (C) 2006-2010 The Chromium Authors. All Rights Reserved.

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\uran\application\22.0.1229.79\chrome_frame_helper.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
3/16/2012 10:17:49 PM

Valid to:
3/17/2014 10:17:49 PM

Subject:
E=alexzander@ucoz.com, CN=Limited Liability Company Ucoz Media, OU=Bagrationovskiy proyezd, O=Limited Liability Company Ucoz Media, L=Moscow, S=Moscow, C=RU

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121B28BB43AF25490AA12229BA614435817

File PE Metadata
Compilation timestamp:
10/2/2012 10:24:47 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
1536:db0l5OEtGEIKURN7IyZeUT0aKwqoUVZokWXs6W2Of8:OVJIKUzIyZjT9wLss6Of8

Entry address:
0x3D3E

Entry point:
E8, 4C, 32, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 8B, 45, 08, A3, DC, 26, 41, 00, 5D, C3, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A1, AC, 10, 41, 00, 33, C5, 89, 45, FC, 53, 8B, 5D, 08, 57, 83, FB, FF, 74, 07, 53, E8, AE, 32, 00, 00, 59, 83, A5, E0, FC, FF, FF, 00, 6A, 4C, 8D, 85, E4, FC, FF, FF, 6A, 00, 50, E8, 7C, 0C, 00, 00, 8D, 85, E0, FC, FF, FF, 89, 85, D8, FC, FF, FF, 8D, 85, 30, FD, FF, FF, 83, C4, 0C, 89, 85, DC, FC, FF, FF, 89, 85, E0, FD, FF, FF, 89, 8D, DC, FD, FF, FF, 89, 95, D8...

Code size:
48 KB (49,152 bytes)
