setup_imgburn_2.5.8.0_dlm.exe

Kimuc

PremiumBeam (New Media Holdings Ltd.)

The application setup_imgburn_2.5.8.0_dlm.exe, “Kimuc Setup” by PremiumBeam (New Media Holdings), has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the installCore installer. The file has been seen being downloaded from www.sharemegatowers.com and multiple other hosts.
Publisher:
PremiumBeam (New Media Holdings Ltd.)  (signed and verified)

Product:
Kimuc

Description:
Kimuc Setup

Version:
1.1.2.8

MD5:
edfc773219a5598984824aeebfe82d41

SHA-1:
c7a5e4f6218272f554ae0439a6cf4227ea0c1eb6

SHA-256:
0ee0e6f68fbdd92c889f4fb9cf977bd496f610ea832c3b3e534d723f81b23fd1

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Description:
This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or open source) and bundle it with a number of optional offers, including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
11/24/2024 2:45:51 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.NewMedia.NMH (M)

Engine version:
17.1.10.18

File size:
1.3 MB (1,322,944 bytes)

Product version:
5.1.1

Copyright:
File Program Installer

File type:
Executable application (Win32 EXE)

Bundler/Installer:
installCore (using Inno Setup)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\setup_imgburn_2.5.8.0_dlm.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
3/15/2016 3:32:02 PM

Valid to:
5/23/2017 6:45:10 PM

Subject:
CN=PremiumBeam (New Media Holdings Ltd.), O=PremiumBeam (New Media Holdings Ltd.), L=Tel Aviv, C=IL

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
11218480E9694D8FE5FFFE43B686304FC6EF

File PE Metadata
Compilation timestamp:
6/20/1992 1:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0xAA98

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 2E, 86, FF, FF, E8, 35, 98, FF, FF, E8, 9C, 9B, FF, FF, E8, B7, 9F, FF, FF, E8, 56, BF, FF, FF, E8, ED, E8, FF, FF, E8, 54, EA, FF, FF, 33, C0, 55, 68, 69, B1, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 32, B1, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, D0, 40, 00, E8, 26, F5, FF, FF, E8, EC, A0, FF, FF, 80, 3D, 34, C2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, 24, 93, FF, FF, 8D, 55, F0, 33, C0, E8, 66, C5, FF, FF, 8B, 55...
 

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
40.5 KB (41,472 bytes)

The file setup_imgburn_2.5.8.0_dlm.exe has been seen being distributed by the following 10 URLs.

