A forum for reverse engineering, OS internals and malware analysis 

Forum for analysis and discussion about malware.
 #32427  by hackr8
 Fri Jan 11, 2019 3:41 pm
A sample I found in the wild a few days ago. After a small research I found the following information:
Microsoft classified this as: PUA:Win32/FusionCore
It might be a variant of Install Core.
Contains Adware/Bloatware.
Installer made with NullSoft.
VirusTotal:https://www.virustotal.com/#/file/d7dea ... /detection
HybridAnalysis:https://www.hybrid-analysis.com/sample/ ... mentId=100
Direct download(dangerous): hxxp://download.imgburn.com/SetupImgBurn_2.5.8.0.exe
Dropped File: Fusion.dll (PUA FusionCore)
https://www.virustotal.com/#/file/c45c0 ... /detection
Attachments
Password: infected
(3.78 MiB) Downloaded 13 times