setup_imgburn_2.5.8.0_dlm.exe

Cobehi

Digital Digest Pty Ltd

The application setup_imgburn_2.5.8.0_dlm.exe, “Cobehi Setup” by Digital Digest Pty, has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat. The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from www.sharemegatowers.com and multiple other hosts.

Publisher:
Digital Digest Pty Ltd (signed and verified)

Product:
Cobehi

Description:
Cobehi Setup

MD5:
259daeb3455ca27cb512e09a11dee651

SHA-1:
e89df263e62e7706cfd742b0b64144e41330ee92

SHA-256:
f2dfbc96efac11bf420ff59b23465e1b1cab5c7642ba34386fbaede0a0843784

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/27/2024 6:40:17 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.installCore (M)

Engine version:
17.2.24.2

File size:
1.2 MB (1,273,016 bytes)

Product version:
5.1

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\setup_imgburn_2.5.8.0_dlm.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
11/1/2016 4:29:52 PM

Valid to:
2/11/2018 5:08:02 PM

Subject:
CN=Digital Digest Pty Ltd, O=Digital Digest Pty Ltd, L=Templestowe, C=AU

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G3, O=GlobalSign nv-sa, C=BE

Serial number:
28FDEF667CD17A44281EC77D

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0xA5F8

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55...
 
Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
39.5 KB (40,448 bytes)

The file setup_imgburn_2.5.8.0_dlm.exe has been seen being distributed by the following 6 URLs.

Remove setup_imgburn_2.5.8.0_dlm.exe - Powered by Reason Core Security