ShopAtHomeHelper.exe

ShopAtHome.com Browser App

ShopAtHome.com (Belcaro Group, Inc.)

The application ShopAtHomeHelper.exe, “ShopAtHome.com Cash Back Helper” by ShopAtHome.com (Belcaro Group,) has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program ShopAtHome.com Helper by Belcaro Group Inc. which is a potentially unwanted software program.
Publisher:
ShopAtHome.com  (signed by ShopAtHome.com (Belcaro Group, Inc.))

Product:
ShopAtHome.com Browser App

Description:
ShopAtHome.com Cash Back Helper

Version:
7.0.4.15

MD5:
06e07445f237d4fd5ef0510e268773b5

SHA-1:
674b90f1f7e9145e74e99507055f05ca1916016d

SHA-256:
055e7c58cdad8c30c7b83cb19ebe7d70eff88d22e5d5d2b4f88441944b262d62

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/16/2024 2:39:35 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.ShopAtHome (M)
16.7.11.18

File size:
1.2 MB (1,263,760 bytes)

Product version:
7.0.4.15

Copyright:
(c) ShopAtHome.com. All rights reserved.

Original file name:
ShopAtHomeHelper.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\roaming\shopathome\shopathomehelper\shopathomehelper.exe

Digital Signature
Authority:
Symantec Corporation

Valid from:
6/25/2013 5:00:00 PM

Valid to:
6/26/2014 4:59:59 PM

Subject:
CN="ShopAtHome.com (Belcaro Group, Inc.)", O="ShopAtHome.com (Belcaro Group, Inc.)", L=Greenwood Village, S=Colorado, C=US, SERIALNUMBER=19871692567, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Colorado, OID.1.3.6.1.4.1.311.60.2.1.3=US

Issuer:
CN=Symantec Class 3 Extended Validation Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
237B0D903D7BC26FE5D98F5F4AAF5E42

File PE Metadata
Compilation timestamp:
12/19/2013 11:36:57 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:+bTdIjvTruwWXXoruCYTCXiSRROz0dGr4gTV1cMNO39OPSr:+bTdILTru3XorKTCXi+00a4gT8OPSr

Entry address:
0x7873E

Entry point:
E8, DF, B6, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 2C, A1, 44, C6, 50, 00, 33, C5, 89, 45, FC, 56, FF, 75, 0C, 8B, 75, 08, 8D, 4D, D4, E8, 70, A9, FF, FF, 85, F6, 75, 24, E8, F7, BE, FF, FF, C7, 00, 16, 00, 00, 00, E8, 05, 31, 00, 00, 80, 7D, E0, 00, 74, 07, 8B, 45, DC, 83, 60, 70, FD, D9, EE, EB, 35, 83, C6, 02, 0F, B7, 06, 6A, 08, 50, E8, 8E, 73, 00, 00, 59, 59, 85, C0, 75, EC, 8D, 45, D4, 50, 8D, 45, E4, 56, 50, E8, 0D, B7, 00, 00, DD, 40, 10, 83, C4, 0C, 80, 7D, E0, 00, 74, 07, 8B, 45...
 
[+]

Entropy:
6.4701

Code size:
805.5 KB (824,832 bytes)

The file ShopAtHomeHelper.exe has been discovered within the following program.

ShopAtHome.com Helper  by Belcaro Group Inc.
This is the helper application that is installed with the ShopAtHome Toolbar (Browser App).
www.shopathome.com
68% remove it
 
Powered by Should I Remove It?

Remove ShopAtHomeHelper.exe - Powered by Reason Core Security