
LMSetup.exe

Status: finished
Submission Time: 2022-01-28 23:40:40 +01:00
Clean
Evader

Details

  • Analysis ID:
    562516
  • API (Web) ID:
    930038
  • Analysis Started:
    2022-01-28 23:40:43 +01:00
  • Analysis Finished:
    2022-01-28 23:53:36 +01:00
  • MD5:
    c915a8370a016f079adfea57cc00b46f
  • SHA1:
    07b31c5bcad7bc0e9da24a46f180001709e1dbe5
  • SHA256:
    315d36c57e181df7ee2730361847fb4311eef889df19c2ba8bd00759c46465e5
  • Technologies:

Joe Sandbox

Engine Download Report Detection Info
clean
Score: 10
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

URLs

Name Detection

Dropped files

Name File Type Hashes Detection
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\Readme\cs\readme.txt
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\Readme\no-no\readme.txt
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\Readme\nl-nl\readme.txt
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\Readme\ja\readme.txt
UTF-8 Unicode (with BOM) text, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\Readme\it-it\readme.txt
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\Readme\hu\readme.txt
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\Readme\fr-fr\readme.txt
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\Readme\fi\readme.txt
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\Readme\es-es\readme.txt
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\Readme\en-us\readme.txt
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\Readme\en-gb\readme.txt
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\Readme\de-de\readme.txt
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\Readme\da\readme.txt
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\Readme\pl\readme.txt
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\NotificationGUID.txt
ASCII text
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\License\zh-tw\license.txt
ASCII text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\License\zh-cn\license.txt
UTF-8 Unicode text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\License\tr-tr\license.txt
ASCII text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\License\sv-se\license.txt
ASCII text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\License\ru\license.txt
ASCII text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\License\pt-pt\license.txt
ASCII text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\License\pt-br\license.txt
ASCII text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\License\pl\license.txt
ASCII text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\License\no-no\license.txt
ASCII text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\License\nl-nl\license.txt
ASCII text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\Strings\installer\en-us\strings.txt
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\Strings\installer\ru\strings.txt
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\Strings\installer\pt-pt\strings.txt
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\Strings\installer\pt-br\strings.txt
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\Strings\installer\pl\strings.txt
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\Strings\installer\no-no\strings.txt
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\Strings\installer\nl-nl\strings.txt
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\Strings\installer\ja\strings.txt
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\Strings\installer\it-it\strings.txt
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\Strings\installer\hu\strings.txt
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\Strings\installer\fr-fr\strings.txt
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\Strings\installer\fi\strings.txt
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\Strings\installer\es-es\strings.txt
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\License\ja\license.txt
UTF-8 Unicode text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\Strings\installer\en-gb\strings.txt
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\Strings\installer\de-de\strings.txt
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\Strings\installer\da\strings.txt
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\Strings\installer\cs\strings.txt
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\Readme\zh-tw\readme.txt
UTF-8 Unicode (with BOM) text, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\Readme\zh-cn\readme.txt
UTF-8 Unicode (with BOM) text, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\Readme\tr-tr\readme.txt
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\Readme\sv-se\readme.txt
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\Readme\ru\readme.txt
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\Readme\pt-pt\readme.txt
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\Readme\pt-br\readme.txt
UTF-8 Unicode (with BOM) text, with very long lines, with CRLF line terminators
#
C:\Users\user\AppData\Local\Lenovo\UNIInstaller\cache\plugins\InstallerPackages\printerinstaller\manifest.json
ASCII text, with very long lines
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\FWWindowNative.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\FW5JCore_vs12_x86.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\FW5FWSDK_Net45_vs12.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\BootstrapperCore.config
XML 1.0 document, UTF-8 Unicode (with BOM) text, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\BootstrapperApplicationData.xml
XML 1.0 document, Little-endian UTF-16 Unicode text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{06CB1A7C-0362-456A-A8DC-276F5C54CBCA}\.cr\LMSetup.exe
PE32 executable (GUI) Intel 80386, for MS Windows
#
C:\Users\user\AppData\Local\Temp\ugtn53ek\ugtn53ek\ux.cab
Microsoft Cabinet archive data, 7941732 bytes, 111 files
#
C:\Users\user\AppData\Local\Lenovo\UNIInstaller\cache\plugins\~state\40d704470259297f93bee626c12b71fb_Installer_state
ASCII text, with very long lines, with no line terminators
#
C:\Users\user\AppData\Local\Lenovo\UNIInstaller\cache\plugins\packages.json
ASCII text, with no line terminators
#
C:\Users\user\AppData\Local\Lenovo\UNIInstaller\cache\plugins\InstallerPackages\sdk\sdk.zip
Zip archive data, at least v2.0 to extract
#
C:\Users\user\AppData\Local\Lenovo\UNIInstaller\cache\plugins\InstallerPackages\sdk\manifest.json
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Lenovo\UNIInstaller\cache\plugins\InstallerPackages\printerinstaller\printerinstaller.zip
Zip archive data, at least v2.0 to extract
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\FullInstaller.zip
Zip archive data, at least v2.0 to extract
#
C:\Users\user\AppData\Local\Lenovo\UNIInstaller\cache\plugins\InstallerPackages\installer\manifest.json
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Lenovo\UNIInstaller\cache\plugins\InstallerPackages\installer\installer.zip
Zip archive data, at least v2.0 to extract
#
C:\Users\user\AppData\Local\Lenovo\UNIInstaller\cache\plugins\InstallerPackages\dsdk\manifest.json
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Lenovo\UNIInstaller\cache\plugins\InstallerPackages\dsdk\dsdk.zip
Zip archive data, at least v2.0 to extract
#
C:\Users\user\AppData\Local\Lenovo\UNIInstaller\cache\plugins\InstallerPackages\Lenovo.UNI\manifest.json
ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Lenovo\UNIInstaller\cache\plugins\InstallerPackages\Lenovo.UNI\Lenovo.UNI.zip
Zip archive data, at least v2.0 to extract
#
C:\Users\user\AppData\Local\Lenovo\UNIInstaller\cache\gui\cacheid
ASCII text, with no line terminators
#
C:\Users\user\AppData\Local\Lenovo\UNIInstaller\cache\gui\9511D742-CA40-42CE-A2BE-0175921F1BCF\memcache
data
#
C:\Users\user\AppData\Local\Lenovo\UNIInstaller\cache\gui\9511D742-CA40-42CE-A2BE-0175921F1BCF\5ac5cb72096d48a6558be5f0603b9946_welcome
HTML document, ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Lenovo\UNIInstaller\cache\gui\9511D742-CA40-42CE-A2BE-0175921F1BCF\5ac5cb72096d48a6558be5f0603b9946_defaultmenu
HTML document, ASCII text, with very long lines
#
C:\Users\user\AppData\Local\Lenovo\UNIInstaller\cache\gui\9511D742-CA40-42CE-A2BE-0175921F1BCF\5ac5cb72096d48a6558be5f0603b9946
HTML document, UTF-8 Unicode (with BOM) text, with very long lines, with CRLF, LF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\JBM_User_vs12.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\License\it-it\license.txt
ASCII text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\License\hu\license.txt
ASCII text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\License\fr-fr\license.txt
ASCII text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\License\fi\license.txt
ASCII text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\License\es-es\license.txt
ASCII text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\License\en-us\license.txt
ASCII text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\License\en-gb\license.txt
ASCII text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\License\el\license.txt
ASCII text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\License\de-de\license.txt
ASCII text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\License\da\license.txt
ASCII text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\License\cs\license.txt
ASCII text, with very long lines, with CRLF line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\JBM_WixInstaller_Static.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
#
C:\Users\user\AppData\Local\Lenovo\UNIInstaller\cache\cacheInfo.txt
ASCII text, with no line terminators
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\JBM_System_vs12.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\JBM_StateMachine_vs12.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\JBM_SNMP_vs12.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\JBM_Resolver_vs12.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\JBM_RAF_Static.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\JBM_Propertybag_vs12.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\JBM_PluginCache_vs12.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\JBM_Locale_vs12.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\JBM_InstallerUtils_Static.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\JBM_Encryption_vs12.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
#
C:\Windows\Temp\{58155FEA-9500-424F-A76C-4B75D45447D7}\.ba\JBM_AppConfig_vs12.dll
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
#