iminentsetup.exe

InstallerDlg

Iminent

This is the SIEN AppScion Installer, which bundles applications with offers for additional third-party software, mostly unwanted adware, and may be installed with minimal consent. The application iminentsetup.exe by Iminent has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat. The program is a setup application that uses the SIEN SuperInstall installer. The file has been seen being downloaded from ustapi.iminent.com.
Publisher:
I.M.I.N.E.N.T  (signed by Iminent)

Product:
InstallerDlg

Version:
8.8.3.3

MD5:
25c3c639130b0180d529243515bcf91a

SHA-1:
184def11b782556e88fa37734adac483ac68528c

SHA-256:
0102ab1de0764790c9719ffc6a72fb2af95f25637188e4a332cd168ad3cdf3c1

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines has not currently detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Description:
This 'download manager' is also considered bundleware: a utility designed to download software (possibly legitimate or open source) and bundle it with a number of optional offers, including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
12/24/2024 11:44:05 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.Sien.Iminent.Bundler (M)

Engine version:
16.6.25.19

File size:
663.1 KB (679,048 bytes)

Product version:
8.8.3.3

Copyright:
S.I.E.N.

Original file name:
InstallerDlg.exe

File type:
Executable application (Win32 EXE)

Bundler/Installer:
SIEN SuperInstall

Language:
English (United States)

Common path:
C:\users\{user}\downloads\iminentsetup.exe

Digital Signature
Signed by:

Authority:
GlobalSign nv-sa

Valid from:
4/18/2014 3:02:26 PM

Valid to:
4/2/2015 11:55:45 AM

Subject:
CN=Iminent, O=Iminent, L=Paris, S=France, C=FR

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11211B82EBE1488BD4B863B3C28799C2CE65

File PE Metadata
Compilation timestamp:
2/18/2015 6:45:24 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
12288:Ag1s9aiFcJUqCUGcJG+Ckc5gdIcQUIrNfkbEV5hs2t0Q+0YfEvecaFbdrLJU/:p1s9qJt6cJaid7M5cbWf+FcveNFbdrde

Entry address:
0x3C0EC

Entry point:
E8, 21, 84, 00, 00, E9, 7F, FE, FF, FF, 3B, 0D, F0, B9, 47, 00, 75, 02, F3, C3, E9, 5C, 22, 00, 00, 55, 8B, EC, 56, 8B, 75, 14, 85, F6, 75, 04, 33, C0, EB, 6D, 8B, 45, 08, 85, C0, 75, 13, E8, AB, 35, 00, 00, 6A, 16, 5E, 89, 30, E8, C7, 8A, 00, 00, 8B, C6, EB, 53, 57, 8B, 7D, 10, 85, FF, 74, 14, 39, 75, 0C, 72, 0F, 56, 57, 50, E8, ED, 8A, 00, 00, 83, C4, 0C, 33, C0, EB, 36, FF, 75, 0C, 6A, 00, 50, E8, 1B, 2B, 00, 00, 83, C4, 0C, 85, FF, 75, 09, E8, 6A, 35, 00, 00, 6A, 16, EB, 0C, 39, 75, 0C, 73, 13, E8, 5C...
 

Code size:
373.5 KB (382,464 bytes)

The file iminentsetup.exe has been seen being distributed by the following URL.
