» v-9.1hd-nova.dll
Overview
Analysis
File Details

v-9.1hd-nova.dll

Robokid Technologies

By using the Crossrider framework, this web extension is loaded in the web browser and displays advertisments on web pages not affiliated by the extension or company. These unwanted advertisements are injected by the extension in the browser in the form of common ad types such as banners and text-links. The module v-9.1hd-nova.dll by Robokid Technologies has been detected as adware by 9 anti-malware scanners. The library is built using the Crossrider cross-browser extension platform. While the file utilizes the Crossrider framework and delivery services, it is not owned by Crossrider. It is distributed as part of the Brightcircle group of browser-extensions.

File name:

v-9.1hd-nova.dll

Publisher:

Robokid Technologies (signed and verified)

MD5:

652d3edfdf0d8e80cfd9ee1077b64f7e

SHA-1:

6a3db84d9a3c102624973e08da0d9bff8357ae9f

SHA-256:

b43b397d79d20ee43c3e444ba26240b6a7907da5dd870c1eb299681f8d366345

Scanner detections:

9 / 68

Status:

Adware

Explanation:

The software may change the browser's home page and search provider settings as well as display advertisements. Distributed through the Brightcircle investments brand.

Analysis date:

4/23/2024 11:15:21 PM UTC (a few moments ago)

Scan engine

Detection

Engine version

AVG

Generic

2015.0.3402

Baidu Antivirus

Adware.Win32.CrossRider

4.0.3.14725

ESET NOD32

Win32/Toolbar.CrossRider.AI potentially unwanted application

7.0.302.0

G Data

Win32.Adware.Crossrider

14.9.24

IKARUS anti.virus

AdWare.Win32.Crossrider

t3scan.1.7.5.0

Kaspersky

Trojan.NSIS.GoogUpdate

14.0.0.3248

nProtect

Trojan/W32.Agent.126312

14.08.31.01

Reason Heuristics

PUP.RobokidTechnologies.L

14.7.25.11

VIPRE Antivirus

Threat.4150696

31208

File size:

121 KB (123,928 bytes)

File type:

Dynamic link library (Win32 DLL)

Common path:

C:\Program Files\v-9.1hd\v-9.1hd-nova.dll

Digital Signature

Signed by:

Robokid Technologies

Authority:

COMODO CA Limited

Valid from:

6/23/2014 1:00:00 AM

Valid to:

6/24/2015 12:59:59 AM

Subject:

CN=Robokid Technologies, O=Robokid Technologies, STREET=Athinodorou 3 Dasoupoli Strovolos, L=Nicosia, S=Cyprus, PostalCode=2025, C=CY

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00ECF35E880AD0F3BC6F82DFB1F2E84CC0

File PE Metadata

Compilation timestamp:

7/22/2014 11:03:29 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

1536:CxLUUSwIDFEPSkDhgoiZVxuCkV08+iS4cz9ysWjcdS1EG10DYIUWNt:MDxIEPnVGVj8+NR99S1Ek0DHUWNt

Entry address:

0x60C7

Entry point:

55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, B9, 2A, 00, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 07, 00, 00, 00, 83, C4, 0C, 5D, C2, 0C, 00, 6A, 0C, 68, A8, 8A, 01, 10, E8, DA, 14, 00, 00, 33, C0, 40, 8B, 75, 0C, 85, F6, 75, 0C, 39, 35, 48, B2, 01, 10, 0F, 84, E4, 00, 00, 00, 83, 65, FC, 00, 83, FE, 01, 74, 05, 83, FE, 02, 75, 35, 8B, 0D, 40, 40, 01, 10, 85, C9, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D1, 89, 45, E4, 85, C0, 0F, 84, B1, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 11, FE, FF, FF, 89, 45, E4... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

69.5 KB (71,168 bytes)

Remove v-9.1hd-nova.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.