2857b0e5_stp.exe

win.rar GmbH

This is a setup program which is used to install the application. The file has been seen being downloaded from docs.google.com and multiple other hosts.
Publisher:
win.rar GmbH  (signed and verified)

MD5:
0a06d94aef2f891a73ffc0ae5990d8ba

SHA-1:
a42100f330acd54f21700c060d821e178be86427

SHA-256:
96c3ea4a5b0b5c7a5c6ed4de3e94a657df5ebe91193e27d8be2d161433b19c8d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/2/2024 11:18:28 AM UTC  (today)

File size:
2.1 MB (2,162,896 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\2857b0e5_stp.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
6/1/2015 1:00:00 AM

Valid to:
6/1/2017 12:59:59 AM

Subject:
CN=win.rar GmbH, O=win.rar GmbH, STREET=Marienstrasse 12, L=Berlin, S=Berlin, PostalCode=10117, C=DE

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00FE46A10AD94269C3DD225C13645352E4

File PE Metadata
Compilation timestamp:
2/3/2016 7:38:39 PM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:OFDDmfz2cs1WKz+REvIcxGSE2BgQ3EK2ahEdSxHvf9:wDDezU1eRE3GNnK2gnl

Entry address:
0x23398

Entry point:
48, 83, EC, 28, E8, E7, 67, 00, 00, 48, 83, C4, 28, E9, 12, FE, FF, FF, CC, CC, 48, 89, 5C, 24, 08, 48, 89, 6C, 24, 10, 48, 89, 74, 24, 18, 57, 48, 83, EC, 20, 49, 8B, E8, 48, 8B, F2, 48, 8B, D9, 48, 85, C9, 75, 05, E8, 81, 1A, 00, 00, 48, 63, 43, 18, 8B, 7B, 14, 48, 03, 46, 08, 75, 05, E8, 6F, 1A, 00, 00, 33, C9, 85, FF, 74, 33, 4C, 8B, 4E, 08, 4C, 63, 43, 18, 4B, 8D, 14, 01, 48, 63, 02, 49, 03, C1, 48, 3B, E8, 7C, 0A, FF, C1, 48, 83, C2, 08, 3B, CF, 72, EB, 85, C9, 74, 0E, 8D, 41, FF, 49, 8D, 14, C0, 42...
 
[+]

Code size:
191 KB (195,584 bytes)

The file 2857b0e5_stp.exe has been seen being distributed by the following 41 URLs.

https://docs.google.com/uc?id=0B8c0bx60VonlQzRSNHA5U3ZYZzA&export=download

http://www.towersbinariescapital.com/WVl6OTRQV2gwZFc5c1pYZFNPRlZ1VkhwNWJVdFNiV0Y0SlRKQ1JubG9UVkpCYjFWb2VFb3pObWx0WmtoS05rRXdZeVV6UkNabFBUQW1ZejFvVTNVMlR6RndjRE5HVG1kUmVsQkVjbFZ3VG14R05XbzRTR0ZLZGt0UGRWUmxSRU5RZEhCS1EyY3paRXMzTW1vMFEyVm9kWGgyYUdaREpUSkNVRWN3ZEdaMmJIUnZhemhrZUdOc09XNXBlalJtWm5NeFRuazNhWGc0TjBsdFVFOURabm93UmxWMFJpVXlRbEJTTkhGS01rSnpTMDg1YkdsUGRuZEtXa0pxT1cxV1VrZEtiV2x3UVdaNmExWjFZVkkwTmpSeWFFbDVaMk5uSlRORUpUTkVKbVpoYkd4aVlXTnJYM1Z5YkQxb2RIUndKVE5oSlRKbUpUSm1kM2QzTG5KaGNteGhZaTVqYjIwbE1tWnlZWElsTW1aM2FXNXlZWEl0ZURZMExUVXpNWEJzTG1WNFpTWmtiM2R1Ykc5aFpFRnpQVmRwYmxKQlVpMHhNak01T0Mxa2NDNWxlR1U9

http://s6780.chomikuj.pl/File.aspx?e=BYp0dD6yy7CxzC7wy_zVmzQdExMNm-PrXlYzGT49qHL2-8EimYmzplH2Ofy1czgJaZmt7_vpNcvT0Boiv8nfF_hppuLpDsb6XrljooLzofA3Tg9uwEMWHDUpR8nPIaLXtZOk4Ul5CZrMlmerV5VU3ottxAvhJXz-sa7KB85_qQMpdK9eJmuqlsb5PBHJTNAa&pv=2

http://l.facebook.com/l.php?u=http://www.rarlab.com/.../winrar-x64-531pl.exe&h=WAQF-jjcu

https://winrar-64-bit.softonic.pl/download-tracker?th=1/.../Sm GK2tvkuj2NRBh8vkTKDSWJgVWaL91kHTY PqhBHNPqv5dXEke2UfJFj6LK2mntAzQo7fbu5sGcsRnRkL2MJRdOukO5P5a2IEJ4Ohxg=

http://s6780.chomikuj.pl/File.aspx?e=BYp0dD6yy7CxzC7wy_zVmzQdExMNm-PrXlYzGT49qHL5hVXP4z3Ph_NbaB24KBhV4jz_b7wD-ksJ5i_z4XARPTSfQBbC3L0UzXTCVwjFyhEM6Vw76wL35GG9QjvDdvn0mL7rUwveBosFxJivLWTetMfdjmk20guIS8PBvGJ3mNHFAmQh-9zlIvZsnUdVAV85&pv=2

http://s6780.chomikuj.pl/File.aspx?e=BYp0dD6yy7CxzC7wy_zVmzQdExMNm-PrXlYzGT49qHIOEqU7aMmAB-a-rdcoO42YHz3bM4azN4PycfsSyMBxiY6Jyc3kIvBo2hI9GpB-jzsB4pJ-S1xEqu0jIHtAsUNxmDxos2taJWWuhrwmEUYWe_3ktBJE1jRmYan-j-FUQdxATzvuB7iEsI2bbHhMxqrP&pv=2

http://www.rarsoft.com/.../winrar-x64-531pl.exe

http://s6780.chomikuj.pl/File.aspx?e=BYp0dD6yy7CxzC7wy_zVmxhAGtvmhoyZ9FtX8CCbfUnr1ToqucdXvIilgukNAezdJ-VpR4wz0Ry0hbeDiebqynfeVu5o9RqzByg2wBVb5ePwFggABW_XaciJ1pJYKZpEFSBlz5tggrwUWAT6SgeDpgbAR9WVTaH-Lejx-57m92M&pv=2

http://s6780.chomikuj.pl/File.aspx?e=BYp0dD6yy7CxzC7wy_zVmzQdExMNm-PrXlYzGT49qHIUZoK6gQOM7uUMp1hEA9x8tEYRyap3cBwtmoVzcEY4jjda8Z19o3MbnSBGJRsElxxTrniZfhKLmB-FEdOgRNDcNXORxYSULfZ3dOer_eKm1G6k0FPKmL5Ml0xC6oUziAqeb4djom48xzre81tRy1oy&pv=2

http://s6780.chomikuj.pl/File.aspx?e=BYp0dD6yy7CxzC7wy_zVm6NAI6Hfcpt6-_9VRhrWWzsF0m56yImVIRY9BtVpnMFzxP0oWSrkhHwnc6nweMyt1WwddyWEB1QlusRD5dFuF5Ft25STm0z_pBRsKxE-RE6UzSszBlB3E3Dj5kwINHQR7DfiR9kBo_vxAmIxMei0fN5fWG-BIZ90kdsnaghGUeIf&pv=2

http://s6780.chomikuj.pl/File.aspx?e=BYp0dD6yy7CxzC7wy_zVmzQdExMNm-PrXlYzGT49qHJGi7lqtXTap04bc9Hh-VVNNM8wqpqdcCe4_tvwMaOuXpWThxdJrbnJy9v9yAK9aGVsV0MIwGqurW3E2HpLz-sGz9219r-zPcLW-9W6ECi5NfqFM7uCut9Jz9d0xXOcQFDiZnmaZMrHT5vE4lZpDKhX&pv=2

http://s6780.chomikuj.pl/File.aspx?e=BYp0dD6yy7CxzC7wy_zVmzQdExMNm-PrXlYzGT49qHLO3nRJwEJOI030lmdI99OgRjw4u0IhHSKbCScpKmtSWTk9O5r4kyKv2RTsns0sp5WtMDI_BJmSIS7tGBxHA4zzs5EK4wSv9p03ScXtBPHuyLTfZNcOjL2KE2fLthoRh8Z-EU9GVZbAgOdGtfSO1x7i&pv=2

http://s6780.chomikuj.pl/File.aspx?e=BYp0dD6yy7CxzC7wy_zVmzQdExMNm-PrXlYzGT49qHK-zB8S_SUPaSGn5Ng3EVq2PFWpo3pKZ3Opph7pU1XV7dDt8zXNDGUUxob9rLcEtrKOyqgKa_NbHQU5k8epgJVkrMc5PrL8ouW-pvST5jdbG1gYvqnM9jXzhC_JMsHkcEQqGP8K5QcIc802VZlrHop4&pv=2

http://s6780.chomikuj.pl/File.aspx?e=BYp0dD6yy7CxzC7wy_zVmxhAGtvmhoyZ9FtX8CCbfUl9I6suG8LN2a56mFaHj7wlzZZTirYcclyQvKfyM87KXIrSHY3675anlkj5zsf0g2DooygtJpFT_YYjsikw_ZuZsSyZ9dmQod8wxWcpR7BQa4KdyA-2Y78plXxI0S3DRM4&pv=2

http://s6780.chomikuj.pl/File.aspx?e=BYp0dD6yy7CxzC7wy_zVmzQdExMNm-PrXlYzGT49qHI0wxEqmAWw8d8ZvSeT4eqW63lqU9VRY_pyCxqyFrRblN4eiiNw9UOU_7b2rn2BuSe-PE5T1KLyc4Tp4pGr0IXMdR6OpWFH6LG2cRX8KISI_OYA1KlEgbGCr-etwBsrYBbfNDDtp28Y7rW1JP-UqaNy&pv=2

http://winrar-64-bit.softonic.pl/download-tracker?th=1/.../Sm GK2tvkuj2NRBh8vkTKDSWJgVWaL91kHTY PqhBHNPqv5dXEke2UfJFj6LK2mntAzQo7fbu5sGcsRnRkL2MJRdOukO5P5a2IEJ4Ohxg=

http://l.facebook.com/l.php?u=http://www.rarlab.com/.../winrar-x64-531pl.exe&h=0AQGTE4jp

http://win-rar.com/fileadmin/winrar-versions/partners/.../winrar-x64-531pl.exe

temp:winrar-x64-531pl.exe

Latest 30 of 41 download URLs