mypoints score 2.1-helper.exe

MyPoints.com

The application mypoints score 2.1-helper.exe by MyPoints.com is a web browser extension built on the Crossrider cross-browser extension platform. It has been detected as a potentially unwanted program by 2 anti-malware scanners. Although the file uses the Crossrider framework and delivery services, it is not owned by Crossrider. While running, it connects to the Internet address ssl.hwcdn.net on port 80 using the HTTP protocol.
Publisher:
MyPoints.com  (signed and verified)

MD5:
c1eddb8a052bc7cb6bcb5b72d51faf13

SHA-1:
6da0ffa5cd16e34a4d42f8b81723ef3fc1a17989

SHA-256:
c6c04574971fdb032c346fab01b94da70351fbbcf4c436c0bbbca4ee853001ce

Scanner detections:
2 / 68

Status:
Potentially unwanted

Analysis date:
12/25/2024 12:08:45 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Reason Heuristics | PUP.MyPoints.Y | 14.5.10.12 |
| VIPRE Antivirus | Crossrider | 26110 |

File size:
326 KB (333,840 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\mypoints score 2.1\mypoints score 2.1-helper.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
12/24/2013 2:00:00 AM

Valid to:
12/25/2015 1:59:59 AM

Subject:
CN=MyPoints.com, O=MyPoints.com, STREET="50 California Street, 3rd Floor", L=San Francisco, S=Caifornia, PostalCode=94111, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
008DBAF4F4240BCBA260650BCD64B226DD

File PE Metadata
Compilation timestamp:
11/19/2013 6:15:34 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
3072:NuHHA8BV1N0NIlxQZPdf8dD2rM1qhr5dp1YA98WOBsS5CHSR4bDt2JxNTBf3L+Ct:NudwIlZD81v98bLeb2NTBDzX2P+df

Entry address:
0x25134

Entry point:
E8, AE, B8, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, 48, D6, 44, 00, E8, 46, 5B, 00, 00, E8, 31, 1D, 00, 00, 0F, B7, F0, 6A, 02, E8, 41, B8, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, 42, 5B, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8...
 

Entropy:
6.4668

Code size:
240 KB (245,760 bytes)

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to update.srvstatsdata.com  (69.16.175.42:80)

TCP (HTTP):
Connects to ssl.hwcdn.net  (205.185.208.11:80)

TCP (HTTP):
Connects to errors.srvstatsdata.com  (208.85.150.249:80)

TCP (HTTP):
Connects to app-static.crossrider.com  (69.16.175.10:80)
