LI180_win-1.5.1.exe

Status: finished
Submission Time: 2021-02-25 21:42:13 +01:00
Suspicious
Evader

Details

  • Analysis ID:
    358582
  • API (Web) ID:
    619170
  • Analysis Started:
    2021-02-25 21:42:14 +01:00
  • Analysis Finished:
    2021-02-25 22:10:14 +01:00
  • MD5:
    77d64242fbd270b5363d383b51075783
  • SHA1:
    4c23d1f71ff19b5c046d8b1d750104a386f184f9
  • SHA256:
    a48f199141b10a4d425fd128ac0bdfca75ec98741a3eacff11a67a3bbc4bde01
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
suspicious
Score: 24
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
suspicious
Score: 24
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Run Condition: Cmdline fuzzy

URLs

Name Detection
http://www.installaware.comz
http://www.licor.com
https://www.licor.com/
http://www.ascendercorp.com/http://ascendercorp.com/eula10.html
http://www.ascendercorp.com/http://www.ascendercorp.com/typedesigners.htmlThis
http://www.installaware.com
http://www.installaware.com/
http://crl.microsof8
http://standards.iso.org/iso/19770/-2/2008/schema.xsd

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Local\Temp\IAW1FEA.tmp
MS-DOS executable, NE for MS Windows 3.x
#
C:\Users\user\AppData\Local\Temp\mia1\installaware.png
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
#
C:\Users\user\AppData\Local\Temp\mia1\icon.ico
MS Windows icon resource - 6 icons, 256x256 withPNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, 128x128, 32 bits/pixel
#
C:\Users\user\AppData\Local\Temp\mia1\finish.dfm.miaf
UTF-8 Unicode (with BOM) text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\mia1\finish.dfm
data
#
C:\Users\user\AppData\Local\Temp\mia1\destination.dfm.miaf
ASCII text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\mia1\destination.dfm
data
#
C:\Users\user\AppData\Local\Temp\mia1\componentstree.dfm.miaf
ASCII text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\mia1\componentstree.dfm
data
#
C:\Users\user\AppData\Local\Temp\mia1\LI-180_Installer.msi
0
#
C:\Users\user\AppData\Local\Temp\mia1\Install Fonts EXE-PlugIn.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
#
C:\Users\user\AppData\Local\Temp\mia.tmp
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\lang.loc
ASCII text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\mia1\license.rtf
Rich Text Format data, version 1, unknown character set
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\mia.lib
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\OFFLINE\mMSI.dll\mMSIExec.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\OFFLINE\FC8C594\7AF51026\LICORC.jpg
[TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5.1 Windows, datetime=2018:08:07 16:10:55], baseline, precision 8, 424x389, frames 3
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\OFFLINE\F4ED2515\3EF45B9E\ANSI_2011.xls
ASCII text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\OFFLINE\F28C57DF\B65B8ED4\chart_cie1931w.jpg
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 1152x1152, segment length 16, baseline, precision 8, 663x654, frames 3
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\OFFLINE\ECC34BEC\3EF45B9E\ANSI_Ellipse.xls
ASCII text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\OFFLINE\E5444EFD\CD0E66BD\LI-180_Log_Example.xls
ASCII text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\OFFLINE\E379E83C\7AF51026\CRI2.jpg
[TIFF image data, big-endian, direntries=12, height=945, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=945], baseline, precision 8, 800x800, frames 3
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\OFFLINE\DC702C7E\E023D589\SiUSBXp.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\OFFLINE\DAA0442\526B362B\LICOR-start.jpg
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, baseline, precision 8, 600x360, frames 3
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\OFFLINE\D83B2FF9\7AF51026\tm30image.jpg
[TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2015:12:30 17:35:06], baseline, precision 8, 800x800, frames 3
#
C:\Users\user\AppData\Local\Temp\mia1\progressprereq.dfm.miaf
ASCII text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\mia1\startmenu.dfm.miaf
ASCII text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\mia1\startmenu.dfm
data
#
C:\Users\user\AppData\Local\Temp\mia1\startinstallation.dfm.miaf
ASCII text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\mia1\startinstallation.dfm
data
#
C:\Users\user\AppData\Local\Temp\mia1\setuptype.dfm.miaf
ASCII text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\mia1\setuptype.dfm
data
#
C:\Users\user\AppData\Local\Temp\mia1\registrationwithserial.dfm.miaf
ASCII text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\mia1\registrationwithserial.dfm
data
#
C:\Users\user\AppData\Local\Temp\mia1\registration.dfm.miaf
ASCII text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\mia1\registration.dfm
data
#
C:\Users\user\AppData\Local\Temp\mia1\readme.dfm.miaf
ASCII text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\mia1\readme.dfm
data
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\OFFLINE\D532E401\20073942\mdd_0.ttf
TrueType Font data, 15 tables, 1st "OS/2", name offset 0x30a0dc
#
C:\Users\user\AppData\Local\Temp\mia1\progressprereq.dfm
data
#
C:\Users\user\AppData\Local\Temp\mia1\progress.dfm.miaf
ASCII text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\mia1\progress.dfm
data
#
C:\Users\user\AppData\Local\Temp\mia1\prereq.dfm.miaf
ASCII text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\mia1\prereq.dfm
data
#
C:\Users\user\AppData\Local\Temp\mia1\maintenance.dfm.miaf
ASCII text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\mia1\maintenance.dfm
data
#
C:\Users\user\AppData\Local\Temp\mia1\mMSIExec.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
#
C:\Users\user\AppData\Local\Temp\mia1\mDIFxEXE.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
#
C:\Users\user\AppData\Local\Temp\mia1\licensecheck.dfm.miaf
ASCII text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\mia1\licensecheck.dfm
data
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\LI-180_Installer.res
7-zip archive data, version 0.3
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\OFFLINE\409F08AF\B65B8ED4\box_information.jpg
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 1152x1152, segment length 16, baseline, precision 8, 1396x416, frames 3
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\OFFLINE\383E736B\B65B8ED4\square.jpg
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 1152x1152, segment length 16, baseline, precision 8, 36x36, frames 3
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\OFFLINE\36706E48\3EF45B9E\ANSI.xls
ASCII text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\OFFLINE\3575565E\3EF45B9E\ANSI_2008.xls
ASCII text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\OFFLINE\353AD105\E1510A13\USBXpressInstaller.exe
PE32 executable (GUI) Intel 80386, for MS Windows
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\OFFLINE\2E5DCE8F\23667BEE\SiLib.sys
PE32+ executable (native) x86-64, for MS Windows
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\OFFLINE\1EA7FD63\B65B8ED4\box_feature.jpg
JPEG image data, JFIF standard 1.02, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 2152x581, frames 3
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\LI-COR Spectrum\mDIFxIDE.dll\x86DPInst.exe
PE32 executable (GUI) Intel 80386, for MS Windows
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\LI-COR Spectrum\mDIFxIDE.dll\x64DPInst.exe
PE32+ executable (GUI) x86-64, for MS Windows
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\LI-COR Spectrum\mDIFxIDE.dll\mDIFxEXE.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\LI-COR Spectrum\Install Fonts IDE-PlugIn.dll\Install Fonts EXE-PlugIn.dll
PE32 executable (DLL) (console) Intel 80386, for MS Windows
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\LI-180_Installer.msi
0
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\OFFLINE\44DB77AB\7AF51026\LICOR.jpg
[TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5.1 Windows, datetime=2018:08:07 16:10:23], baseline, precision 8, 424x389, frames 3
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\LI-180_Installer.msi
0
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\LI-180_Installer.exe
PE32 executable (GUI) Intel 80386, for MS Windows
#
C:\Users\user\AppData\Local\Temp\7z759F.tmp
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
#
C:\Users\user\AppData\Local\III\7z.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
#
C:\ProgramData\{E6FF8B17-66F1-4213-A668-EBEAEBBA4AEB}\mia.lib
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
#
C:\ProgramData\{E6FF8B17-66F1-4213-A668-EBEAEBBA4AEB}\instance.dat
ASCII text, with CRLF line terminators
#
C:\ProgramData\{E6FF8B17-66F1-4213-A668-EBEAEBBA4AEB}\LI-180_Installer.res
7-zip archive data, version 0.3
#
C:\ProgramData\{E6FF8B17-66F1-4213-A668-EBEAEBBA4AEB}\LI-180_Installer.par
UTF-8 Unicode (with BOM) text, with CRLF line terminators
#
C:\ProgramData\{E6FF8B17-66F1-4213-A668-EBEAEBBA4AEB}\LI-180_Installer.msi
0
#
C:\ProgramData\{E6FF8B17-66F1-4213-A668-EBEAEBBA4AEB}\LI-180_Installer.lnk
UTF-8 Unicode text, with no line terminators
#
C:\ProgramData\{E6FF8B17-66F1-4213-A668-EBEAEBBA4AEB}\LI-180_Installer.exe
PE32 executable (GUI) Intel 80386, for MS Windows
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\OFFLINE\6DBFE203\342BBCE8\Cold.asz
data
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\OFFLINE\D35647E\E023D589\LI-180 Spectrometer.exe
PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\OFFLINE\D2758F69\B65B8ED4\cie1976.jpg
[TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5.1 Windows, datetime=2018:05:23 17:15:12], baseline, precision 8, 1600x1600, frames 3
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\OFFLINE\C9AB7ACB\7AF51026\cie1931.jpg
[TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2013:08:09 15:39:41], baseline, precision 8, 1600x1600, frames 3
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\OFFLINE\C3C84A4C\E1510A13\SiUSBXp.inf
Windows setup INFormation, ASCII text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\OFFLINE\B7ED429E\E1510A13\setup.ini
ASCII text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\OFFLINE\AD9FE403\7AF51026\GAI.jpg
[TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2013:11:20 16:36:56], baseline, precision 8, 394x472, frames 3
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\OFFLINE\A3F0088A\23667BEE\SIUSBXP.sys
PE32+ executable (native) x86-64, for MS Windows
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\OFFLINE\9847A14B\B6D77E4E\ESPD_LI-180-000.xls
ASCII text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\OFFLINE\8C4586D2\7AF51026\cie1976.jpg
[TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2013:08:09 15:30:04], baseline, precision 8, 1600x1600, frames 3
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\OFFLINE\774E815E\526B362B\LICOR-about.jpg
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, baseline, precision 8, 145x435, frames 3
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\OFFLINE\7493ECCE\C0705257\CIEO.CFG
ASCII text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\OFFLINE\7021623\B65B8ED4\chart_cie1976w.jpg
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 1152x1152, segment length 16, baseline, precision 8, 663x654, frames 3
#
C:\ProgramData\{E6FF8B17-66F1-4213-A668-EBEAEBBA4AEB}\LI-180_Installer.dat
ASCII text, with CRLF line terminators
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\OFFLINE\6C0AF2E8\BE4A257\LICORlang.ini
Little-endian UTF-16 Unicode text, with CRLF, CR line terminators
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\OFFLINE\6B481F13\B65B8ED4\cie1931.jpg
[TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5.1 Windows, datetime=2018:05:23 17:14:42], baseline, precision 8, 1600x1600, frames 3
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\OFFLINE\6B339451\B65B8ED4\chart_criw.jpg
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 1152x1152, segment length 16, baseline, precision 8, 674x635, frames 3
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\OFFLINE\67ACD331\98FBEBF9\Reference Spectrum.xlsx
Microsoft Excel 2007+
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\OFFLINE\655FCA3B\B65B8ED4\box_basic.jpg
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 646x416, frames 3
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\OFFLINE\655BFA89\B65B8ED4\LI-COR-logo.jpg
[TIFF image data, big-endian, direntries=12, height=684, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=3447], baseline, precision 8, 800x158, frames 3
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\OFFLINE\609B42C1\B65B8ED4\box_feature_ppf.jpg
JPEG image data, JFIF standard 1.02, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 2152x498, frames 3
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\OFFLINE\587D056C\9426740A\CHK_20131028_165820.xls
Microsoft Excel 2007+
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\OFFLINE\55E6A65E\DBD131B5\SIUSBXP.sys
PE32 executable (native) Intel 80386, for MS Windows
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\OFFLINE\51845961\DBD131B5\SiLib.sys
PE32 executable (native) Intel 80386, for MS Windows
#
C:\Users\user\AppData\Local\Temp\7zS5C99.tmp\data\OFFLINE\453607F8\E1510A13\siusbxp.cat
data
#