Reason Labs

novaroma.v0.9.9.2.setup.exe

Novaroma

The application novaroma.v0.9.9.2.setup.exe, “Sit back, relax and just watch!” has been detected as PUP.OpenCandy.Installer. This is a self-extracting archive and installer, however the file is not signed with an authenticode signature from a trusted source. The installer uses the OpenCandy monitzation platform which will donwload and install offers in the setup for potentially unwanted software including ad/search-supported toolbars.
Publisher:
Novaroma

Product:
Novaroma

Description:
Sit back, relax and just watch!

Version:
0.9.92

MD5:
e462515fe8111e9803840a14ebc52fa6

SHA-1:
56f9cfa760427a24ee21473cb547d77674184250

SHA-256:
3fb648bab4d75301dc383989c6f82510088f6ab6167ccedcffc03a5786286429

Detection:
PUP.OpenCandy.Installer

Risk:
Low

Explanation:
Includes the OpenCandy software bundler that offers to install additional software and may include web browser add-ons and toolbars which display advertising (based on publisher settings and geo context).

Analysis date:
12/12/2018 11:24:07 AM UTC  (today)

File size:
11 MB (11,511,301 bytes)

Product version:
0.9.92

Copyright:
Copyright (C) 2015 Novaroma

Original file name:
Novaroma.v0.9.92.setup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

File PE Metadata
Compilation timestamp:
4/2/2015 3:37:15 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
196608:nIlFyFqIlFfFgtNOM5GHZ/my+3oeE043ypD3vI64XgOvjlz:If0Rft0NvGHhByoeE0TDQtgOLlz

Entry address:
0xC94CC

Entry point:
E8, 46, CC, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 51, 53, 56, 8B, F0, 33, DB, 3B, F3, 75, 1E, E8, 5D, 4D, 00, 00, 6A, 16, 5E, 53, 53, 53, 53, 53, 89, 30, E8, C5, D5, FF, FF, 83, C4, 14, 8B, C6, E9, C2, 00, 00, 00, 57, 39, 5D, 0C, 77, 1E, E8, 39, 4D, 00, 00, 6A, 16, 5E, 53, 53, 53, 53, 53, 89, 30, E8, A1, D5, FF, FF, 83, C4, 14, 8B, C6, E9, 9D, 00, 00, 00, 33, C0, 39, 5D, 14, 66, 89, 06, 0F, 95, C0, 40, 39, 45, 0C, 77, 09, E8, 0A, 4D, 00, 00, 6A, 22, EB, CF, 8B, 45, 10, 83, C0, FE, 83, F8, 22, 77...
 
[+]

Characteristics:
0x258

Code size:
1 MB (1,050,112 bytes)

Clean
novaroma.v0.9.9.2.setup.exe  0.9.92  (49cfe2dbe7bf86232ca6f205571b9d6b0d0e8683)

Clean
Novaroma.v0.9.4.setup.exe  (6d5e8b5fe18c4ea6bbb3389e46dec312df8be09e)

Clean
Novaroma.Updater.exe  (c4d95588393dfe76143235af6c3e31a362c9351c)

Clean
Novaroma.v0.9.6.setup.exe  (e5f9acfc532d1523bc7bc559442d48d3f9eafb60)

Clean
novaroma.v0.9.8.setup.exe  (341d68f2477965f73ea106b4b7501eef4d392a97)

Clean
00000001-50accef6  (427d90db55614448216243738a29358212537d7b)

PUP.OpenCandy
novaroma.v0.9.9.1.exe  (f21ca375a5792db68a4c7da389f81af4e12bf0c0)

Clean
novaroma.v0.9.91.setup.exe  (2dbbfe1a2be8cfaf990062025b1ea3e2ba3542a3)

Clean
Novaroma.v0.9.92.setup.aiui  (f90e2e11fc3d621f4ac533438f05b9c394140871)

Clean
Novaroma.v0.9.9.setup.exe  (16f401c88918cc6e7b518d9f775e7441ff7bd4e6)

Clean
00000000-81171658  (d39f86cdb22c4b0fe607eaf84ea36aab37c7808c)

Clean
Novaroma.v0.9.2.setup.exe  (b8a8b4498479be749c0d3d84f7befb494d8fa730)

Clean
novaroma.v0.9.7.setup.exe  (d06da689f1cac09e8495ea6ee0132a55d97a0410)

Clean
novaroma.v0.9.9.3.setup.exe  (98fd878cbfd75d7b3d3cbd88c5f4393ee747ff6f)

Clean
novaroma.v0.9.93.setup.exe  (802edeb0a9636a9b88c4cefebd3e4e050eca7a78)

Download Reason Core Security - Powerful anti-malware software