home

238164005_stp.exe

SOKNO S.R.L.

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from fs41.filehippo.com and multiple other hosts.
Publisher:
SOKNO S.R.L.  (signed and verified)

MD5:
0ad878910568416813587572454655ff

SHA-1:
9594f600daec83d16220bf777b4984a3062f6403

SHA-256:
b85877d2cca7ab4e05cd33c8dcf9129407bfbbbf4ad0a1fa115ccf13078a6104

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 5:53:25 AM UTC  (today)

File size:
2 MB (2,142,960 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\238164005_stp.exe

Digital Signature
Signed by:
SOKNO S.R.L.

Authority:
GlobalSign nv-sa

Valid from:
1/23/2012 12:31:42 PM

Valid to:
1/23/2013 12:31:42 PM

Subject:
CN=SOKNO S.R.L., OU=Software development, O=SOKNO S.R.L., L=Ancona, S=AN, C=IT

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
112195D7AA105E2FFC7B0E33F36DA1636E74

File PE Metadata
Compilation timestamp:
12/5/2009 11:50:41 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
49152:0DeK/ibVqkm4ooF4n+X1sNWJ62KFA2JtY8PF63gO8F2BAo:NK/ib8n4oCUE1D42yhnY8PF63gx2Wo

Entry address:
0x30CB

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 38, 3F, 42, 00, E8, F1, 2B, 00, 00, A3, 84, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 30, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 80, 36, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, 92, 28, 00, 00...
 
[+]

Packer / compiler:
Nullsoft install system v2.x

Code size:
22.5 KB (23,040 bytes)

The file 238164005_stp.exe has been discovered within the following programs.

SpeedFan (remove only)  by Almico Software
SpeedFan is software that can read temperatures, voltages and fan speeds of computer components. It can change computer fan speeds depending on the temperature of various components. The program can display system variables as a chart and as an indicator in the system tray.
6% remove it
Toolwiz Time Freeze 2017  by Toolwiz
www.Toolwiz.com
About 6% of users remove it
 
Powered by Should I Remove It?

The file 238164005_stp.exe has been seen being distributed by the following 19 URLs.

http://fs41.filehippo.com/1453/.../installspeedfan447.exe

http://filehippo.com/es/download/file/.../

http://filehippo.com/es/download/file/.../

http://filehippo.com/download/file/.../

http://downloads.zamunda.eu/static/files/.../installspeedfan447.exe

http://s2.download.net.pl/SpeedFan-1921-3004-1947.exe

http://dw.uptodown.com/dwn/As1hKo271SwQYTvqlU3bx1CBDtz6ZuKqGoA8y8UetFkylRrmZrarwmq9UtQSYZvGceJvLMfO69RAx3zdU6nxEOahSnJYAgT9cfTQdwN6G-6nQyePjrKkiNmBL4LU82Uo/DEGBbshzhwcqyhCwgX_Ur_tfgx7lVc38E5N_0bWypYlBKmCDReTk5aWjxJAxNOZ8UfBuLYmKDvlFAO73jJZPKYskyz1RfoCe9CXYtJQAyLerr5DtJQFqQIKgYYV0WaKb/.../

http://filehippo.com/download/file/.../

ftp://192.168.1.91/f:/FTP/WIMBP/Programy/Chlodzenie- monitorowanie wygrzewanie/.../installspeedfan447_[www.programosy.pl].exe

http://files1.majorgeeks.com/files/79e0effe60c1d4c057037f430cd25b73/.../installspeedfan447.exe

http://download.overclockers.ru/.../installspeedfan447.exe

http://www.overclockers.ru/download?44

http://storage.dobreprogramy.pl/.../installspeedfan447(dobreprogramy.pl).exe

http://download1us.softpedia.com/dl/0f5bd56e04f0711645bdf97099bb4e3a/505b19ff/100004103/software/system/.../installspeedfan447.exe

http://dl.cdn.chip.de/downloads/.../installspeedfan447.exe

http://software-files-a.cnet.com/s/software/12/70/61/.../installspeedfan447.exe

http://files.wnpcdn.com/.../speedfan-4.47-multi.exe

http://beta101.com/attachment.php?aid=MTUyOXwyZWQwZGIxN3wxMzY3NzQ2ODE4fGQ2NzhOMVdBTGxyL2syWitHWGZOaDNwV3laemxrMkVhUWJDc2NVVGZ5L3pJeW5R

http://www.almico.com/installspeedfan447.exe

Scan 238164005_stp.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.