omegle_downloader.exe

SimpleFiles Installer

Noverix Enterpriprise Ltd.

The application omegle_downloader.exe by Noverix Enterpriprise has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the SimpleFiles installer.
Publisher:
New Monte Inc  (signed by Noverix Enterpriprise Ltd.)

Product:
SimpleFiles Installer

Version:
1, 0, 443, 1

MD5:
fd2895d9ef6008833e7dff988ad3765f

SHA-1:
dd0a4c7098b9f1b27763be85fd27ea1ef349ab08

SHA-256:
1bd2e4fc229831093c8a79258063de9579dc777de2808c6eb974f4d8e164947e

Scanner detections:
1 / 68

Status:
Potentially unwanted

Description:
This is an installer which may bundle legitimate applications with offers for additional 3rd-party applications that may be unwanted by the user. While the installer contains an 'opt-out' feature, this is not set by default and is usually overlooked.

Analysis date:
4/24/2024 2:06:26 PM UTC  (today)

Scan engine:
Reason Heuristics

Detection:
PUP.Blisbury (M)

Engine version:
17.1.22.15

File size:
3.7 MB (3,840,312 bytes)

Product version:
1.0.0.1

Copyright:
Copyright http://simple-files.com (C) 2014

Original file name:
SimpleFilesInstaller.exe

File type:
Executable application (Win32 EXE)

Bundler/Installer:
SimpleFiles

Language:
English

Common path:
C:\users\{user}\downloads\omegle_downloader.exe

Digital Signature
Authority:
DigiCert Inc

Valid from:
12/16/2012 9:00:00 PM

Valid to:
12/22/2014 9:00:00 AM

Subject:
CN=Noverix Enterpriprise Ltd., O=Noverix Enterpriprise Ltd., L=Road Town, S=Tortola, C=VG

Issuer:
CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0D69D58F1B3EF4A92C6AF2BCCB515EDD

File PE Metadata
Compilation timestamp:
12/5/2014 11:10:33 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

Entry address:
0x75B26B

Entry point:
54, C7, 04, 24, 23, 6C, C4, 8B, 9C, E9, 56, 2E, 00, 00, E0, FE, A8, 52, 08, 71, 41, 2B, 47, F8, 45, DF, 43, 0A, 86, F5, 73, F2, 4A, 93, CD, A2, B0, 17, 7E, B2, FB, 70, 62, 36, DA, B1, F3, 5F, C5, CD, 9F, C5, AA, E1, 5D, 8F, E2, 80, 58, A0, AB, C7, BC, 11, 13, 51, 85, 66, 37, 4C, D8, A4, E5, DC, 39, 36, 94, 07, 08, 7E, F0, 73, B0, D5, CB, 14, 96, EB, BF, 31, B9, E7, D4, C2, 59, C2, 96, E5, 6D, D6, 78, 7D, 03, 5C, 4A, 39, 0F, DE, 96, E9, 67, E1, 6F, 7B, 47, FD, 09, DA, BF, B9, F1, 0A, 7D, E9, 4A, FE, 0A, 35...
Code size:
969 KB (992,256 bytes)
