home

shoptowin.exe

ShopToWin

Jackpot Rewards

The application shoptowin.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘Shop To Win’. This file is typically installed with the program Shop To Win by Shop To Win, LLC which is a potentially unwanted software program.
Publisher:
Jackpot Rewards

Product:
ShopToWin

Version:
1.3.0.1183

MD5:
9529d3fa29a5498b3048ff91e9b34e89

SHA-1:
a02cbc2c413c12098da64b190463ae15ae0282e7

SHA-256:
e3fc47f50e8975f1c1b8669a53a22ba05ec9f607699a59505ee7bd42d73d7194

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
1/13/2025 4:17:21 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.JackpotRewards.J
14.5.3.10

File size:
2.1 MB (2,231,808 bytes)

Product version:
1.3.0.1183

Copyright:
(c) 2010 Jackpot Rewards

Original file name:
ShopToWinApp.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\shop to win\shoptowin.exe

File PE Metadata
Compilation timestamp:
6/22/2012 2:45:25 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
49152:KS5b3HSwZHtX5p7kf31ISFohpJ810L5qhhI5HTmSZKaiygQddcwQy1HEwL8gC6j:15b3zjX5p763+Kohz810L5qhW5zWaiyb

Entry address:
0x14201E

Entry point:
E8, 92, 1C, 01, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 8B, 55, 08, 53, 8B, 5D, 14, 56, 57, 85, DB, 75, 10, 85, D2, 75, 10, 39, 55, 0C, 75, 12, 33, C0, 5F, 5E, 5B, 5D, C3, 85, D2, 74, 07, 8B, 7D, 0C, 85, FF, 75, 13, E8, DD, 2B, 00, 00, 6A, 16, 5E, 89, 30, E8, B4, 8D, 00, 00, 8B, C6, EB, DD, 85, DB, 75, 07, 33, C0, 66, 89, 02, EB, D0, 8B, 4D, 10, 85, C9, 75, 07, 33, C0, 66, 89, 02, EB, D4, 8B, C2, 83, FB, FF, 75, 18, 8B, F2, 2B, F1, 0F, B7, 01, 66, 89, 04, 0E, 83, C1, 02, 66, 85, C0, 74, 27, 4F, 75, EE...
 
[+]

Entropy:
6.5274

Code size:
1.4 MB (1,516,032 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Shop To Win

Command:
C:\Program Files\shop to win\shoptowin.exe


The file shoptowin.exe has been discovered within the following program.

Shop To Win  by Shop To Win, LLC
By running a background program on your PC, Shop to Win by Jackpot Rewards allows users to win sweepstakes every time they make an online purchase at one of over 2,500 participating merchant partners.
www.shoptowin.net
74% remove it
 
Powered by Should I Remove It?

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to s3-1.amazonaws.com  (54.231.80.227:80)

Remove shoptowin.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.