setup_imgburn_2.5.8.0_dlm.exe

Tanefefoc

Digital Digest Pty Ltd

The application setup_imgburn_2.5.8.0_dlm.exe, “Tanefefoc Setup” by Digital Digest Pty has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from www.sharemegatowers.com and multiple other hosts.
Publisher:
Sibas (signed by Digital Digest Pty Ltd)

Product:
Tanefefoc

Description:
Tanefefoc Setup

MD5:
6c0db9bdeffac3c0c8204ba8eaa32773

SHA-1:
7001f881b9ea14f1905ce467205c831a31f33983

SHA-256:
5437ff9be058c7e38aadeaa9f46ab70a90eded9b8b2bd79b00cede301fd53ae9

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/30/2024 10:03:59 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.installCore (M)

Engine version:
17.1.3.2

File size:
1.2 MB (1,294,816 bytes)

Product version:
4.0.1

Copyright:
Software Lite

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Common path:
C:\users\{user}\downloads\setup_imgburn_2.5.8.0_dlm.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
1/11/2016 5:08:02 PM

Valid to:
1/11/2017 5:08:02 PM

Subject:
CN=Digital Digest Pty Ltd, O=Digital Digest Pty Ltd, L=Templestowe, C=AU

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11210941E2039A7981182E840CFA2EFD84D6

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0xAA98

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 2E, 86, FF, FF, E8, 35, 98, FF, FF, E8, 9C, 9B, FF, FF, E8, B7, 9F, FF, FF, E8, 56, BF, FF, FF, E8, ED, E8, FF, FF, E8, 54, EA, FF, FF, 33, C0, 55, 68, 69, B1, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 32, B1, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, D0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, C2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, 24, 93, FF, FF, 8D, 55, F0, 33, C0, E8, 66, C5, FF, FF, 8B, 55...
 

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
40.5 KB (41,472 bytes)

The file setup_imgburn_2.5.8.0_dlm.exe has been seen being distributed by the following 8 URLs.

