25923306_stp.exe

Rainy

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from global-shared-files-l3.softonic.com and multiple other hosts.
Publisher:
Rainy  (signed and verified)

MD5:
561dcfbae6d788c48eb08c793f7b9876

SHA-1:
539ce46f239ea18a67983f535594d7dd1f6a5be7

SHA-256:
a3c7ddde85da2488afb2b47b9637701f396cc47e95c02eeb4da66bb0af1defbb

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 5:05:03 AM UTC  (today)

File size:
14.2 MB (14,871,560 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\25923306_stp.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
3/6/2013 9:00:00 PM

Valid to:
3/7/2015 8:59:59 PM

Subject:
CN=Rainy, O=Rainy, STREET=Kotkansiivenkatu 3 C 6, L=Tampere, S=PIRKANMAA, PostalCode=33720, C=FI

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00CBAA8928B1F44D447F6BED73C54B77B7

File PE Metadata
Compilation timestamp:
12/5/2009 8:50:46 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
393216:zbH/A06BlWjyvVYEmqJYHxiVBx3LA6ke8So:zT+B32Emq6HxiVBx3rke8So

Entry address:
0x323C

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 58, 3F, 42, 00, E8, 09, 2C, 00, 00, A3, A4, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 58, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, A0, 36, 42, 00, E8, BC, 28, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, AA, 28, 00, 00...
 
[+]

Packer / compiler:
Nullsoft install system v2.x

Code size:
23 KB (23,552 bytes)

The file 25923306_stp.exe has been discovered within the following program.

Rainlendar2 (remove only)  by rainlendar.net
Publisher's description - “Rainlendar is a customizable calendar application which stays out of your way but keeps all your important events and tasks always visible on your desktop. Rainlendar supports events and tasks which both are kept in separate lists.”
www.rainlendar.net/cms/index.php
4% remove it
 
Powered by Should I Remove It?

The file 25923306_stp.exe has been seen being distributed by the following 50 URLs.

http://global-shared-files-l3.softonic.com/539/ce4/.../file?nvb=20140528155450&nva=20140529035550&token=0bf2bc2b96edfd7e27425&id_file=28007&channel=WEB&instance=softonic_pl&type=PROGRAM&fdh=no&SD_used=0&filename=Rainlendar-Lite-2-11-1-32bit.exe

http://gsf-cf.softonic.com/539/ce4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=28007&instance=softonic_fr&type=PROGRAM&Expires=1449121739&Signature=Q30ibnUqzXTqpp~J~66HbctTpewkULbWZnpHmaOuRSo~GWk9D~HQIiy8~T~do6bW9viGtkriflxmbLjfKIklVG1qar4yFLnjdvq-1k~P~4RYLOSx35786RuDs0ucOOTjMtGZYH8v2C3Ih9UsqcYlsmCfF9cM4VYzOMggiYJOqKg_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Rainlendar-Lite-2-11-1-32bit.exe

http://gsf-cf.softonic.com/539/ce4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=28007&instance=softonic_es&type=PROGRAM&Expires=1481771412&Signature=BL52GDDprX~eC~2WBzip3rqbSGjhDhiiAZCFmj2KhXgX9ciG1TmIfK41kfLfdYQdZp4SWKs3m9-zICCnVEdzttUEGeO3yNbaEvdJ0N-zpLqDEsrEHr7rwD919m1GwqiDJKW04VIKcpU~HNdHM1M~Sifw7NunEx3VnXn3B4uvFd8_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Rainlendar-Lite-2-11-1-32bit.exe

http://gsf-cf.softonic.com/539/ce4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=28007&instance=softonic_es&type=PROGRAM&Expires=1441082145&Signature=LH4~101~zS0dMVf5Ud~c9mTcXq7MvFTl4aaEE6paORRSMyL9nNePU-HzhZE000pTgv~kM8rTFQMmFvjIUMVXChFWxiqPyhLyTvNCFjuhW~uEQ3SlC9bHVrzwwnqCFP4HvHSjliql1xKhMFogN3FwINl~Kv9CI19xwOco0sgxnWo_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Rainlendar-Lite-2-11-1-32bit.exe

http://gsf-cf.softonic.com/539/ce4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=28007&instance=softonic_en&type=PROGRAM&Expires=1477575161&Signature=PpBfcmO9~-5RXtkYAPX87wUtxyi8E5pyoKkuZ-vUuie3PwDj6O4OVC-3Sop5tfy4Nou8kU7TgO~j-yKJjEiMIHyLcwKprW1JHkbnmD0dn61PIQWV87ihJNQHiusVVuJ3oVh-qzh5YN6e72nFCELCwQYd6kQMbUWrW~PtTXi4VNA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Rainlendar-Lite-2-11-1-32bit.exe

http://gsf-cf.softonic.com/539/ce4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=28007&instance=softonic_es&type=PROGRAM&Expires=1448367033&Signature=E-iaor8iB3P3g~wL7mo8ilTsAnSeom7W451bdqOnHKjjtZfFu7Vh82Yzjhb2CVX7SdXJI6xKr9Rn7FOdGvIPibe6~LnYNYF1vz-INllakQmwGoVQFDnOBWazH-Io3w7znRIbIZETM69~GTlMfH7ANYhLXB0HvzAqaC-nRxCEKs0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Rainlendar-Lite-2-11-1-32bit.exe

http://www.bitsfarmclean.com/WYYDqoMXD63sVbZ09whPBkTgls4d5d7oXZASzKczkZ0Bnmrycz336Pr1VhNS8Hxim32Rf_ziX4e6_TmOBQzI1GH68PLYvMFdsRlvVlBKIGirVEUul_XFQyo7FCFRHyibXNg3jZDBvbVjvQ_7uIZ86K2pDwHUr8v6CmRoF0pqnakjCxjAzL 34njBVa8gmN4m0F FGypD-G1EAAGRgnq2tSYjSCdiAA5eEwkAHtDvbuE_r83ldAvxC2_l8GY9Gljlc8H czmN3h6bvJD eoqme393teDWqcAHBJvoQ_9pJgUlECZolMRxHSA==

http://gsf-cf.softonic.com/539/ce4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=28007&instance=softonic_br&type=PROGRAM&Expires=1441359145&Signature=JchGcdEurxc3fsQRDsWnXmUqUEbDvAfmgBMLeQOtddnlkYqVIhZn2TDjVjZVqsAyqWeyH4bvqn0V-z4qU45eBpvsHMIEe3GZtS4NVs5tlDCmDv71XVfmLLpIFya0jf41vBsFamg~WoYv~0cucqyI1I49BN0jgO4P4sRNtp7wPJo_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Rainlendar-Lite-2-11-1-32bit.exe

http://gsf-cf.softonic.com/539/ce4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=28007&instance=softonic_es&type=PROGRAM&Expires=1447910884&Signature=IPMWMz5-1vlbSmacvIbcsgLdu7NUjLWaizX8Rgm8El25u2OUmUVz5ZGZSFbk6oIKE8QYiz5PHtGOsoz14xahjRHitwnJy9k9qx1~~hXaX~8WqTh8Oy4yI9zx0zwgv2QBYtNjLKsyS8j-Hb9oO1kgqCO~ke3eaz7mbMy6fK4T1Bs_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Rainlendar-Lite-2-11-1-32bit.exe

http://gsf-cf.softonic.com/539/ce4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=28007&instance=softonic_br&type=PROGRAM&Expires=1442011867&Signature=WZMecK~Fy13bX41BOCc1~tuKIYC-juCq3QGL1BW9vhnzlq7z0SsvUhozDISMn43HiyDkP2JNo4Nmp2Vnki24WEU~f2X3iHLzQbqtwpowyw9RsNhjZp1QA-re~J9loOrtYe12SGIN7-cQ93WBWxEuTkXf-Lu~k8GLYO5GTERR6P0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Rainlendar-Lite-2-11-1-32bit.exe

http://gsf-cf.softonic.com/539/ce4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=28007&instance=softonic_fr&type=PROGRAM&Expires=1478254232&Signature=RFCNGLhzZ1htsAG2a0dgAfRBfORVk3PezQZAB4J9uGvknASPB7qftBIfV5LrovwhNgxI9TBHBBiuxWUa1hV3N2nwbX4zBvwhQHdOctKW7dyifgryJoQNLU8BqXDhoLtNhyomm246ViRNgThiOgjfRpK2RftlRXxfapDHtTccS5A_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Rainlendar-Lite-2-11-1-32bit.exe

http://gsf-cf.softonic.com/539/ce4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=28007&instance=softonic_br&type=PROGRAM&Expires=1475885626&Signature=R0qexX3xusm6B9VXsr6mxsNVKfg-LjcnwUo8Sb5CA0PZHiCSzZBikk5BlLfDQcMwStSeEr9kcYlvyoM8nJyTTeg1JZ88ZaYVByTOZDagrw0TUzZ0BAfqQr2DUw13KjNMwWOU-YGFziK3qqqL9dlinQjm9lsBcQj1vnXpzDXhgc4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Rainlendar-Lite-2-11-1-32bit.exe

http://gsf-cf.softonic.com/539/ce4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=28007&instance=softonic_es&type=PROGRAM&Expires=1457054445&Signature=SC71mFOEIomtn7PdUVZcC2hflRc7W02MBWkWtHc-~HNG3ncsKeDJZKWo503MiqdxRg2~6icytPwc1~AzW6cIJ5mIP4SIQc7MOQTY14m58ENOGQ4Ayinhmq419Touu5H0Bkvno1Q9pK0gRutKYQ8Lwuqw65ap1J7jbcqtyMfTa3g_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Rainlendar-Lite-2-11-1-32bit.exe

http://gsf-cf.softonic.com/539/ce4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=28007&instance=softonic_it&type=PROGRAM&Expires=1445295161&Signature=c5gdoSIMcP~jKDMQOMNOCyBpcvQfqJBYzCVf30c7TNuJtKxHxxF1LimAM-y~OOwA-ily0dlK4mP~s920g6-FoRAUrRQU2T5vf6l39s1S5O64o1VuEdb2bwg0Vkv2iSXf-VBt3oD1x7zMF72DHU8c0r2Ez4q3YPHjqTB-jNx7VmE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Rainlendar-Lite-2-11-1-32bit.exe

http://gsf-cf.softonic.com/539/ce4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=28007&instance=softonic_en&type=PROGRAM&Expires=1477727532&Signature=Uc5DzprtAJksHzkWBzHM521d6YwkfUw1mEXhZzHkyLJX~m9yz3UcmfOtoMoI0jFDW3pFZJKPkOdBWiZAoppzY4A5Q5If867PPOdIVoJbWmOO8lJkdk3Ku3fXyEM6P0uf85hFp9ojHuYgbm4MWgupLqpxL9rEn~lv81DNiXEoIYI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Rainlendar-Lite-2-11-1-32bit.exe

http://global-shared-files-l3.softonic.com/539/ce4/.../file?nvb=20141220104617&nva=20141220224717&token=0cded5cf641d162cdd950&SD_used=0&channel=WEB&fdh=no&id_file=28007&instance=softonic_en&type=PROGRAM&filename=Rainlendar-Lite-2-11-1-32bit.exe

http://cdn.portalprogramas-download.com/d/.../rainlendar

http://gsf-cf.softonic.com/539/ce4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=28007&instance=softonic_de&type=PROGRAM&Expires=1476440094&Signature=QJNOtjdNwsPJePxuSMebYMWvPID3SkU9PXpOXj2-JJqiH4~Yb4KW0Rz4jf0QPBR4QrmhEowjZfT7Rx~H0f~R4FTCe1zRHJnIoL5j7YKBnKzuAi~yVnmneV~pEKnStyCoMzAACJuUP3GNOt~ssCUIcmTs1nEBZDop9ebAaOnO3F8_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Rainlendar-Lite-2-11-1-32bit.exe

http://gsf-cf.softonic.com/539/ce4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=28007&instance=softonic_es&type=PROGRAM&Expires=1472189061&Signature=WeMfGPuj3A-Qp-MVrv-A2fllLL8aCmWRljKgJvDNx1Ia-Mv7WPIl-HqJz-Anma~Av1fFrKHT3Nm3jGnWCl-3QM5KyzWZJSQ4ONmBXPiJH8wX-YXY~FhhlEWySTQ~Gy80VMb0XI31OMlo~8VeU14ei~8hzKOcWitP876RVxia4fU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Rainlendar-Lite-2-11-1-32bit.exe

http://gsf-cf.softonic.com/539/ce4/.../file?SD_used=0&channel=WEB&fdh=no&id_file=28007&instance=softonic_br&type=PROGRAM&Expires=1465686018&Signature=VrN1QLzHYS3xVlPUkog0U7BPbSCRWYxQLkUIWM8g0KeDjNoezhJ877xRDPVK5swP~-Eo5W5aNER~FVcTr2VXn778EXDBAY6wXD7RiHOqYm-0A-hg4n9SRnK~9rSRg6~jy5fpGrcXCPEV7l0sYLYz93E4F9-APTL0uwK2OaA6hPM_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Rainlendar-Lite-2-11-1-32bit.exe

Latest 30 of 60 download URLs

Scan 25923306_stp.exe - Powered by Reason Core Security