tipranks-codedownloader.exe

TipRanks LTD

The application tipranks-codedownloader.exe by TipRanks has been detected as adware by 1 anti-malware scanner, with very strong indications that the file is a potential threat. This file is typically installed with the program TipRanks by Uri Gruenbaum. Built using the Crossrider web browser toolkit, the CodeDownloader component automatically connects to the remote API server and downloads additional code/components for the TipRanks extension/toolbar. The component makes a number of requests to the host app-static.crossrider.com/plugins/.../monetization/monetizationLoader.js.
Publisher:
TipRanks (signed by TipRanks LTD)

Product:
TipRanks

Description:
TipRanks exe

Version:
1000.1000.1000.1000

MD5:
368b9912dadfdf1d93b8c254659f4428

SHA-1:
4120be05ad57a879d34a2bdd3cd28fec143cc911

SHA-256:
c6caeb7712827f6698c4c64a27e839cb1cd3e8ac688371f2f00f9f5ba9b6f605

Scanner detections:
1 / 68

Status:
Adware

Explanation:
The software may change the browser's home page and search provider settings as well as display advertisements.

Note:
Crossrider is the owner of a platform that enables the creation of cross-browser extensions by developers but is not the owner of this detected application. The owner/publisher of this file is TipRanks LTD.

Analysis date:
11/24/2024 10:29:53 PM UTC

Scan engine:
Reason Heuristics

Detection:
Adware.Crossrider.TipRanks (M)

Engine version:
16.4.28.12

File size:
507.4 KB (519,592 bytes)

Product version:
1000.1000.1000.1000

Copyright:
Copyright 2011

Original file name:
TipRanks.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\tipranks\tipranks-codedownloader.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
12/24/2012 4:00:00 PM

Valid to:
12/25/2013 3:59:59 PM

Subject:
CN=TipRanks LTD, O=TipRanks LTD, STREET=27 Ahad Haam, L=Tel Aviv-Jaffa, S=Israel, PostalCode=65202, C=IL

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
34B940819341EC8E12BDF055769AB0E5

File PE Metadata
Compilation timestamp:
11/3/2013 2:07:04 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
6144:qvvYa5JAAMLTe21F8oSQY+3XoS5imab3r5NSpTBDRY16E:+Ya5JAuJoJ7XhabSpTb0

Entry address:
0x4500F

Entry point:
E8, D1, D6, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, B8, A0, 47, 00, E8, FB, 49, 00, 00, E8, 6F, 1D, 00, 00, 0F, B7, F0, 6A, 02, E8, 64, D6, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, 8B, 7A, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8...
 

Entropy:
6.4528

Code size:
393 KB (402,432 bytes)

The file tipranks-codedownloader.exe has been discovered within the following program.

TipRanks by Uri Gruenbaum
Publisher's description - “TipRanks is a browser application that allows you to instantly see the track record and measured performance of any analyst you come across, so you know who to trust.”
37% remove it
 

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to update.srvstatsdata.com (69.16.175.42:80)

 
http://update.srvstatsdata.com/installer_updates/004393/update.json

TCP (HTTP):
Connects to stats.srvstatsdata.com (176.32.99.41:80)

TCP (HTTP):
Connects to app-static.crossrider.com (69.16.175.10:80)
