iminentuninstall.exe3abe64

InstallerDlg

Iminent Technology SRL

This is the SIEN AppScion Installer which bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The file iminentuninstall.exe3abe64 by Iminent Technology SRL has been detected as a potentially unwanted program by 12 anti-malware scanners. The program is a setup application that uses the SIEN SuperInstall installer. It is also typically executed from the user's temporary directory. The file has been seen being downloaded from d3ijsb1ryk5jd8.cloudfront.net and multiple other hosts.
Publisher:
I.M.I.N.E.N.T  (signed by Iminent Technology SRL)

Product:
InstallerDlg

Version:
8.16.2.1

MD5:
9b1e7872033d2a496c4387eb2fbf78c2

SHA-1:
4b7a1edf44e97e1f038bce09fc02da8e7df0c7cd

SHA-256:
aa1d0c8873caafb8627b5c518c1e586be9ecbe24cdef2f4ba64fbb35485430d5

Scanner detections:
12 / 68

Status:
Potentially unwanted

Description:
This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or opensource) and bundle it with a number of optional offers including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
11/23/2024 4:07:13 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
ADWARE/Iminent.717976
3.6.1.96

avast!
Win32:Adware-gen [Adw]
2014.9-150506

Baidu Antivirus
PUA.Win32.Iminent
4.0.3.1556

Dr.Web
Adware.Iminent.48
9.0.1.0126

ESET NOD32
Win32/Toolbar.Iminent.K potentially unwanted (variant)
9.11549

Fortinet FortiGate
Riskware/Iminent
5/6/2015

herdProtect (fuzzy)
2015.8.4.12

K7 AntiVirus
Adware
13.203.15739

McAfee
Artemis!570861B09C59
5600.6683

Qihoo 360 Security
Win32/Virus.Adware.0b1
1.0.0.1015

Reason Heuristics
PUP.Installer.IminentTechnologySRL
15.5.6.4

Trend Micro House Call
Suspicious_GEN.F47V0423
7.2.126

File size:
701.1 KB (717,976 bytes)

Product version:
8.16.2.1

Copyright:
S.I.E.N.

Original file name:
InstallerDlg.exe

Bundler/Installer:
SIEN SuperInstall

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\iminentuninstall.exe3abe64

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
1/27/2015 2:57:08 PM

Valid to:
1/28/2016 2:57:08 PM

Subject:
CN=Iminent Technology SRL, O=Iminent Technology SRL, L=Bucuresti, C=RO

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121CF423BE77B3AE7537B1BCE9F96A3C3E5

File PE Metadata
Compilation timestamp:
4/14/2015 12:41:12 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
12288:rrAbYKwwgvCKOdDslyAdqGHya/H/BPbkY+ss9asI3HOrqJ+:OYNKjD7Ad/5dv+l8OrK+

Entry address:
0x4F0EA

Entry point:
E8, 23, 88, 00, 00, E9, 7F, FE, FF, FF, 3B, 0D, F0, E9, 49, 00, 75, 02, F3, C3, E9, 7A, 19, 00, 00, E8, EE, 7D, 00, 00, 69, 48, 14, FD, 43, 03, 00, 81, C1, C3, 9E, 26, 00, 89, 48, 14, C1, E9, 10, 81, E1, FF, 7F, 00, 00, 8B, C1, C3, 55, 8B, EC, 56, 8B, 75, 14, 85, F6, 75, 04, 33, C0, EB, 6D, 8B, 45, 08, 85, C0, 75, 13, E8, 91, 39, 00, 00, 6A, 16, 5E, 89, 30, E8, A8, 8E, 00, 00, 8B, C6, EB, 53, 57, 8B, 7D, 10, 85, FF, 74, 14, 39, 75, 0C, 72, 0F, 56, 57, 50, E8, CE, 8E, 00, 00, 83, C4, 0C, 33, C0, EB, 36, FF...
 
[+]

Entropy:
6.6454

Code size:
465 KB (476,160 bytes)

The file iminentuninstall.exe3abe64 has been seen being distributed by the following 3 URLs.

Remove iminentuninstall.exe3abe64 - Powered by Reason Core Security