172396903_stp.exe

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.
MD5:
6f27a144ef0420f66df4a4891f900398

SHA-1:
d223256dc6a5647fc82ad4b0830b1c6892befff1

SHA-256:
8d7b920bbb9d292a98e2bd59bbcf35ad9714be19c76aec57751e093c912371d8

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
11/15/2024 3:58:55 AM UTC  (today)

Scan engine
Detection
Engine version

Trend Micro House Call
PAK_Generic.001
7.2.355

Trend Micro
PAK_Generic.001
10.465.21

File size:
2.7 MB (2,831,657 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\172396903_stp.exe

File PE Metadata
Compilation timestamp:
12/24/2007 7:04:33 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
49152:z2P2GpPGpi/fcwKIwVf16pq/w4BhpCkwLD5b1YsxaUAjXJVJlqToRQgeFwCbJFDL:zQZGA+Im/w4/pCkwL5vxaB5E9tL

Entry address:
0x3247

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 90, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, B8, EC, 42, 00, E8, F9, 2A, 00, 00, A3, 04, EC, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 20, 90, 42, 00, FF, 15, 58, 71, 40, 00, 68, 18, 92, 40, 00, 68, 00, E4, 42, 00, E8, B0, 27, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 9E, 27, 00, 00...
 
[+]

Packer / compiler:
Nullsoft install system v2.x

Code size:
23.5 KB (24,064 bytes)

The file 172396903_stp.exe has been discovered within the following program.

CdCoverCreator 2.5.3  by thyanté Software
www.thyante.com
About 3% of users remove it
 
Powered by Should I Remove It?

The file 172396903_stp.exe has been seen being distributed by the following 49 URLs.

http://gsf-cf.softonic.com/d22/325/.../file?SD_used=0&channel=WEB&fdh=no&id_file=33762&instance=softonic_en&type=PROGRAM&Expires=1456940276&Signature=auw3wGXtEpQhAAvXViGrEtfohJfewhNNJhT4CchP851xGAZNED~8gi8Z6nFovXWw2ICyPKqnV5n43phra~TFy~6vtnmtc23eU3T2~l3hUm2gpdmVfEOn9wnDUFRZncXEdPydOY705~xrsqJVVpxPA5xx~4KczdK8t4orewCgOjI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CdCoverCreator-Setup-2.5.3.exe

http://gsf-cf.softonic.com/d22/325/.../file?SD_used=0&channel=WEB&fdh=no&id_file=33762&instance=softonic_es&type=PROGRAM&Expires=1485848333&Signature=d1wDKQPRic4ixPKvspgIbm58vQAArm7hv1evRa~4XoNaV7x~GN8wVCRH3zNEzC2Hfy6F7UTpw732PXi5fxhVwbM-domYXJLLAmOrvWnU5AJCZeYwT8Hrp5T5eClDeBm8lWEQlveu5K6hs6PBnt4JN1cZeNiiF2Tjsam0HE2a7AQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CdCoverCreator-Setup-2.5.3.exe

https://cdcovercreator.en.softonic.com/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxAO/UOXmgi3za88T m8hroCom0/.../DZIQJgpDAY0hxdUzpUHgJcnL4MQ3jInlTaEhDaVpKVSO04u73YVwnvQO7dcIwGovONR3f7TzkKjaEZ0fMVzW4nwIJtfIUw4jOxA=

http://gsf-cf.softonic.com/d22/325/.../file?SD_used=0&channel=WEB&fdh=no&id_file=33762&instance=softonic_es&type=PROGRAM&Expires=1486634000&Signature=LiEMWDRxn9LSO-QErKFIhZkhZ747WA1Lm9fd2eudwvubAvOTL2Iq6JwMeMO6XKa1tmw1-z0THMDPlRRiJX~Yph-r5z73YBHtmqM0KKs2y9wX~I8sgj1X9wCQhcAotBZGumM2fhDxb9jW3UHY1UbA~LOEKfl0Cl9uHgCMklpWOjU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CdCoverCreator-Setup-2.5.3.exe

http://www.ranchsendgift.com/ODUbhGhZZ3662VbjutqGkYmsvfmCLNgUE98tmjH2Yo02eLj17lRWob67W 1ZkoP7oeTIyagByavsbxu4Mgr d_NlOp3XlqaALXJobMKbJDzkCeLyCO34cDZdakMslH78_ emRq5wKBLMhjIyHEDm8oZHZ7CEGpT7CnnioYZfZxMzMEQAmfkhhrUaTmTuY4Zc6hflNf JiIIKB2e93DiaSGC38Zd2QA==-GzkAAETdFtMvKIb0EA1JcGi7jCsKEzlgryV0cHtvHHiqxshfrH_NiPPY9JlsmF_QiB5OaYizJWvVongA

http://www.ranchsendgift.com/whA GDdn8DgnagKosDIjVri8t0NEgjc2RWeEwW0PJL5ubcfQBzfbodObE5Wrn9gOy1cj_uGStOJ_Yx5I1NdaYAWWre8LGqdjdK0R21zFbuA7bBT3TUKD_UIdPjpABg0mBa ZB8wC74KXYxdv2cTv649bWxpS2YoNI6V7IEkpLbbHyl5G47PF nRCA6lisnLstxBYsk4MvTdYzl7pzI1Y_OOXbwsQaQ==-GzkAAETdFtMvKIb0EA1JcGi7jCsKEzlgryV0cHtvHHiqxshfrH_NiPPY9JlsmF_QiB5OaYizJWvVongA

http://gsf-cf.softonic.com/d22/325/.../file?SD_used=0&channel=WEB&fdh=no&id_file=33762&instance=softonic_es&type=PROGRAM&Expires=1457062313&Signature=b6jYdMgHskeagLEg9nToy5zKruapiPqZbaDhA1qX9qqzKAVHs35zyP52tWYJADygFOtDcHFTliQIxwVC79l4gqASMJtJOT04Mnw7Xb6ENsb3H0wu7XJwV0I7F2p2phHGCZnvj7DDeuAogKhRC7xKRh2REXwF3~CGQDAUwYSg7W0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CdCoverCreator-Setup-2.5.3.exe

http://gsf-cf.softonic.com/d22/325/.../file?SD_used=0&channel=WEB&fdh=no&id_file=33762&instance=softonic_br&type=PROGRAM&Expires=1478823984&Signature=P6fGr33a1OkxD4KHr-VM1dT4ARgL02uvUpHtUGu0gsfhcgBQGEixi1fVrvRxwkfATn-t2qazY8XxS2OXyy1OA9hMK5UuOVYnLdVv9UyHp5PIwIkR1pxHIzj0U3HPB1S6agQt7RMaeymPN3ppT2IHqU4OLIPPHaAPr8Oa38DxIzA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CdCoverCreator-Setup-2.5.3.exe

http://gsf-cf.softonic.com/d22/325/.../file?SD_used=0&channel=WEB&fdh=no&id_file=33762&instance=softonic_br&type=PROGRAM&Expires=1480419722&Signature=bGCOVwGIxE0Fis~ydx8ngRYrwRlNlFIHFDCPPHQ4KBctdWDaHjonhwdHqmVpEDaCGWEGOrQVcIbWQ1ZAE6W3quabzs4xghCQSBG6Al3rh1f17GHe8YxsFhb-xg2jQuTmwF3MJdu~W9oGhZteoxHmVia-vo6Eu1-zkjhaQ-lAg44_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CdCoverCreator-Setup-2.5.3.exe

http://gsf-cf.softonic.com/d22/325/.../file?SD_used=0&channel=WEB&fdh=no&id_file=33762&instance=softonic_it&type=PROGRAM&Expires=1466404771&Signature=LvA9-DeiqqcaYnB~2LCrDrAe06Cf-M06uHCNop0vJraYxu5sbUCDGlt0QKjgF4m039QM7qzqijikGv8tDFTf1o2~ZlIvgX40TChhShFpB9qSyDQ8nirH7Y2Z8AxPrmvOCNDEi5Xl83CEXZQZ6NVmv-38JXXc~irg-h4qW9mLD~A_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CdCoverCreator-Setup-2.5.3.exe

http://gsf-cf.softonic.com/d22/325/.../file?SD_used=0&channel=WEB&fdh=no&id_file=33762&instance=softonic_it&type=PROGRAM&Expires=1461890052&Signature=KmKGRRk1DH4NUso16OjP7qYu0zLydRv3O-7Xk~b32~voR66Dve0IPuSptvxVn5bAbKdOtHBtiyHru5FoM2Xc44-4k4mSkIDBgVRtPz-PCE-06xskjYujiN0eXg-eobMmIkiq8X86EFS9FeuNTio1V3B4NJEPc6x3cErXldWlyzM_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CdCoverCreator-Setup-2.5.3.exe

http://www.puntocr.it/index/downloads_riz/getit/.../260.html

http://gsf-cf.softonic.com/d22/325/.../file?SD_used=0&channel=WEB&fdh=no&id_file=33762&instance=softonic_en&type=PROGRAM&Expires=1460581429&Signature=V7oHTSxoQ-xOEh8gtMFTEtoYRdEN2dFvMIR38IhjizcClkA0AncL~UTYSzXML-cU8UI29SiqZLzH2u7wpp~5M20SBNN-UIppewMa6UwqybHhVH-qdv4SPykLprbmejt0ueTC0nMVV33gMf~mBBfwTSSsNVD5ajCvXc2KJJnasuA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CdCoverCreator-Setup-2.5.3.exe

http://cdcovercreator.de.softonic.com/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxAO/UOXmgi3za88T m8hroCom0/.../DZIQJgpDAY0hxdUzpUHgJcnL4MQ3jInlTaEhDaVpKVSO04u73YVwnvQO7dcIwGovONR3f7TzkKjaEZ0fMVzW4nwIJtfIUw4jOxA=

http://gsf-cf.softonic.com/d22/325/.../file?SD_used=0&channel=WEB&fdh=no&id_file=33762&instance=softonic_en&type=PROGRAM&Expires=1458883896&Signature=aAzxRXnED42dQwiCSl6L1lPaAoG5x9NW88l4mt1s9EQ7rFWsvBgWzRqoL1pmrUZ-qJmmVWKqSSPcpTwI6BgCVJR~Q-7Tkh-LDZIikuvF708LX~SUUIkuNGCZk0Psj~7huxRT0nMAcmAwZ27WFxz6FhnAK5u4LmCrS6I61dfMmJ0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CdCoverCreator-Setup-2.5.3.exe

https://cdcovercreator.it.softonic.com/download-tracker?th=1/6CH9aeXedl4L8u BHNJXWTW LP1LFlnGQpxqjlxAO/UOXmgi3za88T m8hroCom0/.../DZIQJgpDAY0hxdUzpUHgJcnL4MQ3jInlTaEhDaVpKVSO04u73YVwnvQO7dcIwGovONR3f7TzkKjaEZ0fMVzW4nwIJtfIUw4jOxA=

http://gsf-cf.softonic.com/d22/325/.../file?SD_used=0&channel=WEB&fdh=no&id_file=33762&instance=softonic_en&type=PROGRAM&Expires=1478864253&Signature=bVofvJRUvjJkb4UuC0xAjkUVSzCubbHkKSgDWz4GTHJrz3KCHDIxQZjwRpmPCtyNYIiNfk7YYEFdj~PZtm~8Ll3NIbinHdofuvvH7FwXDYTm-J2oSkh9z23d~k6TLDIc7miCqamy3YLN7YB-ctAGDZv8K624LGB-fm~8vPEUtEE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CdCoverCreator-Setup-2.5.3.exe

http://r2.computerbild.de/exec/r2r.pl?m=w-cobi;u=http://d.computerbild.de/downloads/.../CdCoverCreator-Setup-2.5.3.exe

chrome-extension://bigefpfhnfcobdlfbedofhhaibnlghod/persistent/.../i4w2RDIZ

http://gsf-cf.softonic.com/d22/325/.../file?SD_used=0&channel=WEB&fdh=no&id_file=33762&instance=softonic_it&type=PROGRAM&Expires=1473202351&Signature=RAaOL1NgURX9TWjpFn4D9~utXJZYFaL71UzQMkvkh7ni2WwfEAOAnCEZkcgRBPE7A5F~o7~VnPBb8zpfp~824GL20wPHDkD8iY6TbRv43-3Fg5Tzkxmy2bbPDa3MteiRfG1x9r8ZQv5EPr86~azMCt8S29n0nQDPkVIG8BIcafQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CdCoverCreator-Setup-2.5.3.exe

http://www.ranchsendgift.com/1toAsER1RxoFZesSNm1RkBMXBP6NKZ8RS0fFkWr4j7ivbNR8qP0j3_vdyZ9bAsE1xz8yIpR_3Gyy43ycCvpvB5z3K66LufZU5aPONhn60bQAh8Q8z3P9TXZfy9RovvbFn1W_y2GXMSwnUFvLrPyr8jKZoxrx_dvptreNIMIVNXGP1QDIoLH6TBHVlzNbdMjJN3xNTc9FoSwvhMOw2Ly13ijlhUcEIQ==-GzkAAETdFtMvKIb0EA1JcGi7jCsKEzlgryV0cHtvHHiqxshfrH_NiPPY9JlsmF_QiB5OaYizJWvVongA

http://www.slunecnice.cz/sw/cdcovercreator/stahnout/.../?m=00214563adb89f4a6621a0f575686934&t=51c55696

http://gsf-cf.softonic.com/d22/325/.../file?SD_used=0&channel=WEB&fdh=no&id_file=33762&instance=softonic_it&type=PROGRAM&Expires=1471402050&Signature=SCXTANQiuSolxCC7fiQ9yCQuCTpGunW7BxaHQEE0Z11TZw7jQT47lw73DMPCWseleYG~OJKmzHIl9uUyjOkt~xWAdZ1hQAgK2FoMG00fxa67VH6e~-Xg4R6Z72Bp~2oV-sZVdyRT2RLzshWrByNjZSNE~GnsBpHnO~G93l5ryyg_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=CdCoverCreator-Setup-2.5.3.exe

http://cdcovercreator.softonic.com/download-tracker?th=8yS3 KGEYLiw7GKMHzA/.../h 9789Qm5ppUOrXoCak7FdMYdvMbMcYOs iXcg69NTgCv7w8rxX70HUpZqYBqstx3zQV 07Bn9y3AA2uxTJUAaIxPOp40nee P1fXU=

Latest 30 of 49 download URLs

Scan 172396903_stp.exe - Powered by Reason Core Security