setupimgburn_2_5_8_0.exe

Figidusa

InstallSpeedy (New Media Holdings Ltd.)

The application setupimgburn_2_5_8_0.exe, “Figidusa Setup” by InstallSpeedy (New Media Holdings), has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the installCore installer. The file has been seen being downloaded from www.capitalcenterdl.com and multiple other hosts.
Publisher:

Product:
Figidusa

Description:
Figidusa Setup

Version:
4.0.2.1

MD5:
cfe51d54f249eea3e250838691c53c9d

SHA-1:
22108f391a0cdf3862627cca2ae842782b234c00

SHA-256:
7514741bc382b353e25949adb74d5d6483eae9e0f2faf542ebe5b802edd31d29

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not currently detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Description:
This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or open source) and bundle it with a number of optional offers including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
12/27/2024 4:14:59 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.NewMedia.NMH (M)

Engine version:
16.7.25.14

File size:
948.1 KB (970,896 bytes)

Product version:
2.7

File type:
Executable application (Win32 EXE)

Bundler/Installer:
installCore (using Inno Setup)

Common path:
C:\users\{user}\downloads\setupimgburn_2_5_8_0.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
3/15/2016 5:40:35 PM

Valid to:
7/11/2017 4:28:33 PM

Subject:
CN=InstallSpeedy (New Media Holdings Ltd.), O=InstallSpeedy (New Media Holdings Ltd.), L=Tel Aviv, C=IL

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121F59EA8A6B04CAE5E738F6CB09D295BDB

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:hdv6k879NU9ZgkD2zeEkxBVJOOZg7Wr+Fk6xcJ4oBWY:7yD9yZgA2zeEkx9VZg7q+FnxJ

Entry address:
0xA5F8

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55...

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
39.5 KB (40,448 bytes)

The file setupimgburn_2_5_8_0.exe has been seen being distributed by the following 12 URLs.
