imesh_v11_fr_setup.exe

iMesh Inc.

The application imesh_v11_fr_setup.exe, “iMesh”, has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat. This is a setup and installation application; however, the file is not signed with an Authenticode signature from a trusted source.

Publisher:
iMesh Inc.

Description:
iMesh

Version:
11.0.0.130401

MD5:
e0b2666c7a78e2f71876e418fd82f697

SHA-1:
b2acb95a90589c65f73496010e16933d6bb6192f

SHA-256:
00a93d31c09697b24b903d51fb82d16ea96bd6ce01cfdb04567af594e31a0609

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
12/26/2024 5:29:41 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.iMesh.Installer.Installer.Meta (L)

Engine version:
16.2.9.15

File size:
3.5 MB (3,656,853 bytes)

Copyright:
Copyright (c) 2012

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\ProgramData\{658237b1-e30b-43c1-b150-2435dd95f0ee}\imesh_v11_fr_setup.exe

File PE Metadata
Compilation timestamp:
7/10/2010 12:08:15 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:/jIH+iX1IqMd3Ueqn226nGIg4ovtKExQNE/+tJj:rIH+iX1IqM1Ueqn226nGIgRv+Nq+Hj

Entry address:
0x1D5C68

Entry point:
55, 8B, EC, B9, 28, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 51, 53, 56, 57, B8, 2C, 13, 5D, 00, E8, 8F, 27, E3, FF, 33, C0, 55, 68, E6, 77, 5D, 00, 64, FF, 30, 64, 89, 20, 33, C0, 55, 68, 98, 5D, 5D, 00, 64, FF, 30, 64, 89, 20, C7, 05, C0, 84, 5E, 00, 94, 00, 00, 00, 68, C0, 84, 5E, 00, E8, CF, 30, E3, FF, E8, EA, 61, FE, FF, 84, C0, 74, 6B, B2, 01, A1, 3C, DC, 42, 00, E8, DE, 80, E5, FF, 8B, D8, BA, 00, 00, 00, 80, 8B, C3, E8, AC, 81, E5, FF, 8D, 55, E4, 33, C0, E8, 4A, D8, E2, FF, 8B, 45, E4, 8D, 55, E8...

Code size:
1.8 MB (1,928,192 bytes)

When executed, the file has been seen to make the following network communication in live environments.

TCP (HTTP):
Connects to 94.31.0.50.IPYX-076665-ZYO.above.net (94.31.0.50:80)
