mypoints score 2.1-chromeinstaller.exe

MyPoints Score 2.1

MyPoints.com

The application mypoints score 2.1-chromeinstaller.exe ("MyPoints Score 2.1 exe") by MyPoints.com has been detected as adware by 17 anti-malware scanners. The file uses the Crossrider browser extension platform. ChromeInstaller is the component that installs and manages the extension's Google Chrome integration. While running, it connects to the Internet address stats.srvstatsdata.com on port 80 over HTTP.
Publisher:
MyPoints  (signed by MyPoints.com)

Product:
MyPoints Score 2.1

Description:
MyPoints Score 2.1 exe

Version:
1000.1000.1000.1000

MD5:
d6a45b5a0075d1fa87721a53338983d7

SHA-1:
1b21bb6cb9e80724016caf441dc6404bdfbf2975

SHA-256:
3ce94f5843ca2e9ab0adffc066a092295c27da28f1427aeb368b2e5850aff9e8

Scanner detections:
17 / 68

Status:
Adware

Explanation:
Part of the Crossrider toolbar platform. It will download and install the extension for Google Chrome.

Note:
Crossrider is the owner of a platform that enables the creation of cross-browser extensions by developers but is not the owner of this detected application. The owner/publisher of this file is MyPoints.com.

Analysis date:
12/25/2024 12:08:46 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Gen:Adware.Plush.1 | 985 |
| AVG | Adware Generic5 | 2015.0.3463 |
| Baidu Antivirus | Unnamed.Threat | 4.0.3.14525 |
| Bitdefender | Gen:Adware.Plush.1 | 1.0.20.725 |
| Dr.Web | Trojan.Crossrider.7839 | 9.0.1.0145 |
| Emsisoft Anti-Malware | Gen:Adware.Plush | 8.14.05.25.12 |
| ESET NOD32 | Win32/Toolbar.CrossRider.S potentially unwanted application | 8.7.0.302.0 |
| F-Secure | Gen:Adware.Plush.1 | 11.2014-25-05_1 |
| G Data | Gen:Adware.Plush | 14.5.24 |
| Malwarebytes | PUP.Optional.PlusHD.A | v2014.05.25.12 |
| MicroWorld eScan | Gen:Adware.Plush.1 | 15.0.0.435 |
| NANO AntiVirus | Trojan.Win32.Crossrider.cynnzl | 0.28.0.59921 |
| Panda Antivirus | PUP/PlusHD | 14.05.25.12 |
| Reason Heuristics | PUP.Crossrider.MyPoints.b | 14.5.10.12 |
| Sophos | AppRider | 4.96 |
| Trend Micro House Call | TROJ_GEN.F47V1125 | 7.2.145 |
| VIPRE Antivirus | Crossrider | 26110 |

File size:
902.5 KB (924,176 bytes)

Product version:
1000.1000.1000.1000

Copyright:
Copyright 2011

Original file name:
MyPoints Score 2.1.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\mypoints score 2.1\mypoints score 2.1-chromeinstaller.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
12/24/2013 2:00:00 AM

Valid to:
12/25/2015 1:59:59 AM

Subject:
CN=MyPoints.com, O=MyPoints.com, STREET="50 California Street, 3rd Floor", L=San Francisco, S=Caifornia, PostalCode=94111, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
008DBAF4F4240BCBA260650BCD64B226DD

File PE Metadata
Compilation timestamp:
1/1/2014 9:32:10 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:NkXJU91usvzOpsAov9bIcuPxmeKWHRjcNEIF0jTxwG33OOvTmqdwMVpTJBh:NkXJUr/CEvJIcuPxmzlOTxwK9vCyT/h

Entry address:
0x97A72

Entry point:
E8, DE, F3, 00, 00, E9, 7F, FE, FF, FF, CC, CC, CC, CC, 55, 8B, EC, 83, EC, 18, 53, 8B, 5D, 0C, 56, 57, 8B, 7B, 08, 33, 3D, 48, 11, 4E, 00, C6, 45, FF, 00, C7, 45, F4, 01, 00, 00, 00, 8B, 07, 8D, 73, 10, 83, F8, FE, 74, 0D, 8B, 4F, 04, 03, CE, 33, 0C, 30, E8, 8C, AA, FF, FF, 8B, 4F, 0C, 8B, 47, 08, 03, CE, 33, 0C, 30, E8, 7C, AA, FF, FF, 8B, 45, 08, F6, 40, 04, 66, 0F, 85, D0, 00, 00, 00, 89, 45, E8, 8B, 45, 10, 89, 45, EC, 8D, 45, E8, 89, 43, FC, 8B, 43, 0C, 89, 45, F8, 83, F8, FE, 0F, 84, EE, 00, 00, 00...
 

Entropy:
6.5525

Code size:
738 KB (755,712 bytes)

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to update.srvstatsdata.com  (69.16.175.42:80)

 
http://update.srvstatsdata.com/installer_updates/001191/update.json

TCP (HTTP):
Connects to stats.srvstatsdata.com  (176.32.99.41:80)

TCP (HTTP):
Connects to app-static.crossrider.com  (69.16.175.10:80)
