iminentsetup{2.6if3jlvp.1}.exe

IMBooster

Iminent

This is the SIEN AppScion Installer which bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The application iminentsetup{2.6if3jlvp.1}.exe, “IMinent bootstrapper” by Iminent has been detected as a potentially unwanted program by 2 anti-malware scanners. The program is a setup application that uses the SIEN SuperInstall installer. The file has been seen being downloaded from install.iminent.com and multiple other hosts.
Publisher:
Iminent  (signed and verified)

Product:
IMBooster

Description:
IMinent bootstrapper

Version:
5.11.2.1

MD5:
2b0aaf7a6997f2669ae9f1e701d6fa64

SHA-1:
6cdfb9e20d82a72be39bc7bd325cbb7229c6f527

SHA-256:
7080a9ab87a99432c32ce57382a76718a2b191bc42f37159b6bb2ad6a9f1919f

Scanner detections:
2 / 68

Status:
Potentially unwanted

Description:
This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or opensource) and bundle it with a number of optional offers including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
11/26/2024 9:54:26 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Installer.Iminent.Y
14.8.8.0

VIPRE Antivirus
Iminent
26890

File size:
804.1 KB (823,376 bytes)

Product version:
5.11.2.1

Copyright:
(c)Iminent. All rights reserved.

Original file name:
Bootstrapper.exe

File type:
Executable application (Win32 EXE)

Bundler/Installer:
SIEN SuperInstall

Language:
English (United States)

Common path:
C:\users\{user}\downloads\iminentsetup{2.6if3jlvp.1}.exe

Digital Signature
Signed by:

Authority:
GlobalSign nv-sa

Valid from:
1/31/2012 10:55:45 AM

Valid to:
3/2/2014 10:55:45 AM

Subject:
CN=Iminent, O=Iminent, L=Paris, S=France, C=FR

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11214EA925C07E01E1C06B597DD4B36FAA8B

File PE Metadata
Compilation timestamp:
3/13/2012 12:42:12 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:9vkgn83Ot3AFObzjwZcItQrw4xUwOwp+rRxz1Fme:9V8eKFm0Ovrw4Kxz

Entry address:
0x2027A0

Entry point:
60, BE, 00, 70, 55, 00, 8D, BE, 00, A0, EA, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89...
 
[+]

Packer / compiler:
UPX 2.90LZMA]

Code size:
688 KB (704,512 bytes)

The file iminentsetup{2.6if3jlvp.1}.exe has been seen being distributed by the following 24 URLs.

http://install.iminent.com/IminentSetup{2.UIcTWraP.2}.exe

http://install.iminent.com/IminentSetup{2.IKS6MyYP.1}.exe

http://install.iminent.com/IminentSetup{2.IFICxSdXlJ8U.1}.exe

http://install.iminent.com/IminentSetup{2.ubRal76.1}.exe

http://install.iminent.com/IminentSetup{2.czo5YZLhqJ8U.1}.exe

http://install.iminent.com/IminentSetup{2.unFlv76.1}.exe

http://install.iminent.com/IminentSetup{2.WFCppmaP.1}.exe

http://install.iminent.com/IminentSetup{2.GTZPj7ZP.1}.exe

http://install.iminent.com/IminentSetup{2.O7SKH7VP.1}.exe

http://install.iminent.com/IminentSetup{2.ORE6g6aP.3}.exe

http://install.iminent.com/IminentSetup{2.ZHcB4Sps74cB0U8.1}.exe

Remove iminentsetup{2.6if3jlvp.1}.exe - Powered by Reason Core Security