setup_imgburn_2.5.8.0_dlm.exe

Pagibacu

Digital Digest Pty Ltd

The application setup_imgburn_2.5.8.0_dlm.exe, “Pagibacu Setup” by Digital Digest Pty, has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the Inno Setup installer. The file has been observed being downloaded from www.sharemegatowers.com and multiple other hosts.
Publisher:
Digital Digest Pty Ltd  (signed and verified)

Product:
Pagibacu

Description:
Pagibacu Setup

Version:
3.4.4.0

MD5:
f0c333510b38298bbb56d24ea69c4711

SHA-1:
9bc2af8e966e93b7167c5dc90be5b9a589951829

SHA-256:
b31df0209817da05b34f397f01c8459ca3bdfc2272ab3dd5243443ccdefcedbf

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/30/2024 10:14:56 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.installCore (M)

Engine version:
17.2.9.12

File size:
1.2 MB (1,213,360 bytes)

Product version:
1.3.9

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Common path:
C:\users\{user}\downloads\setup_imgburn_2.5.8.0_dlm.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
11/1/2016 6:29:52 PM

Valid to:
2/11/2018 7:08:02 PM

Subject:
CN=Digital Digest Pty Ltd, O=Digital Digest Pty Ltd, L=Templestowe, C=AU

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G3, O=GlobalSign nv-sa, C=BE

Serial number:
28FDEF667CD17A44281EC77D

File PE Metadata
Compilation timestamp:
6/20/1992 1:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0xA5F8

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55...

Entropy:
7.9840

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
39.5 KB (40,448 bytes)

The file setup_imgburn_2.5.8.0_dlm.exe has been seen being distributed by the following 3 URLs.

