home

filemenu tools (x86 x64) provided through lopesoft.exe

Interactive Install

IMINENT TECHNOLOGY SRL

This is the SIEN AppScion Installer which bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The application filemenu tools (x86 x64) provided through lopesoft.exe by IMINENT TECHNOLOGY SRL has been detected as a potentially unwanted program by 19 anti-malware scanners. The program is a setup application that uses the SIEN SuperInstall installer.
Publisher:
Live Soft Action S. R. L.   (signed by IMINENT TECHNOLOGY SRL)

Product:
Interactive Install

Version:
8.36.2.2

MD5:
5b3a1b08c68fc3d0eb2209a44ba77565

SHA-1:
d46ecf7de81e050646b061b0ffa5ee4eb5e8ee09

SHA-256:
beb0481ce9716b6258268847b616d631e18a5ee64aa34ffb0b162947fb2865f7

Scanner detections:
19 / 68

Status:
Potentially unwanted

Description:
This is an installer which may bundle legitimate applications with offers for additional 3rd-party applications that may be unwanted by the user. While the installer contains an 'opt-out' feature this is not set be defult and is usually overlooked.

Analysis date:
4/26/2024 12:06:47 PM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Riskware.Agent
7.1.1

Avira AntiVirus
APPL/Downloader.Gen
7.11.173.38

AVG
Generic
2015.0.3348

Baidu Antivirus
PUA.Win32.GetNow
4.0.3.14917

Dr.Web
Adware.Downware.8460
9.0.1.0260

ESET NOD32
Win32/GetNow.C potentially unwanted application
8.7.0.302.0

Fortinet FortiGate
Riskware/GetNow
9/17/2014

G Data
Win32.Application.Getnow
14.9.24

herdProtect (fuzzy)
variant of epson expression-home-xp-312 driver provided through paweldrivers.com.exe (PUP)
2014.11.22.12

IKARUS anti.virus
PUA.Getnow
t3scan.1.7.8.0

K7 AntiVirus
Unwanted-Program
13.183.13417

Malwarebytes
PUP.Optional.LiveSoftAction
v2014.09.17.08

McAfee
LiveSoftAction
5600.7004

NANO AntiVirus
Riskware.Win32.Downware.devyht
0.28.2.62151

Panda Antivirus
Trj/Genetic.gen
14.11.22.07

Reason Heuristics
PUP.Installer.IMINENTTECHNOLOGYSRL.t
14.9.17.20

Sophos
Generic PUA NE
4.98

Trend Micro House Call
TROJ_GEN.R047H06I414
7.2.260

VIPRE Antivirus
Threat.4150696
32938

File size:
667.6 KB (683,624 bytes)

Product version:
8.36.2.2

Copyright:
(c) Live Soft Action S .R .L . All rights reserved.

Original file name:
Setup.exe

File type:
Executable application (Win32 EXE)

Bundler/Installer:
SIEN SuperInstall

Language:
English (United States)

Common path:
C:\users\{user}\downloads\filemenu tools (x86 x64) provided through lopesoft.exe

Digital Signature
Signed by:
IMINENT TECHNOLOGY SRL

Authority:
GlobalSign nv-sa

Valid from:
7/15/2014 2:59:54 PM

Valid to:
7/16/2015 2:59:54 PM

Subject:
CN=IMINENT TECHNOLOGY SRL, O=IMINENT TECHNOLOGY SRL, L=Bucuresti, C=RO

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112117283610FD537B23B681DB2FB2853FE5

File PE Metadata
Compilation timestamp:
9/2/2014 2:44:03 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
12288:mIZvhoKaq5wyyN3LTKh5zvEK4J3swMPy204MSZRnp0z9YZy90ic:mAoKX2IAK4J/M62RMSZxSuy1c

Entry address:
0x1897C0

Entry point:
60, BE, 00, B0, 4F, 00, 8D, BE, 00, 60, F0, FF, 57, EB, 0B, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89, C5, EB, 0B, 01, DB, 75, 07, 8B...
 
[+]

Entropy:
7.8971

Packer / compiler:
UPX v0.89.6 - v1.02 / v1.05 -v1.24

Code size:
572 KB (585,728 bytes)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.