2bd40e6f_stp.exe

Free YouTube To MP3 Converter

OOO Vympel

This is a setup and installation application. The file has been seen being downloaded from www.vaultsfactorycentral.com and multiple other hosts.
Publisher:
Digital Wave Ltd   (signed by OOO Vympel)

Product:
Free YouTube To MP3 Converter

Description:
Free YouTube To MP3 Converter Setup

Version:
4.1.23.620

MD5:
cc097d2098b6f95fc14644ea57dd8818

SHA-1:
3e356e7563394b648687669761a78a50c3913a44

SHA-256:
e4a2c0324fd262ac33694a657e491740e8722e8505f567ef6fdb12ff203baca7

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/25/2024 2:09:51 PM UTC  (today)

File size:
39.7 MB (41,631,200 bytes)

Product version:
4.1.23.620

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\2bd40e6f_stp.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
5/13/2016 3:00:00 AM

Valid to:
5/14/2017 2:59:59 AM

Subject:
CN=OOO Vympel, O=OOO Vympel, STREET="Krasnoselskaya, 11b", L=Nizhny Novgorod, S=Nizhny Novgorod Oblast, PostalCode=603022, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00E1BF6A1CF62A73022BF732C0792B0D54

File PE Metadata
Compilation timestamp:
1/15/2016 11:22:50 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
786432:k9XmuKkjhzpxfDmKFLt0FuasjE2fHjRJ0wFwxRSN3Cy2vfonp:GHzHfDZFLTlDtwGN2XSp

Entry address:
0x113BC

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 34, 00, 41, 00, E8, E8, 51, FF, FF, 33, C0, 55, 68, 9E, 1A, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 5A, 1A, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, 5B, 41, 00, E8, 1E, D8, FF, FF, E8, 6D, D3, FF, FF, 80, 3D, DC, 2A, 41, 00, 00, 74, 0C, E8, 33, D9, FF, FF, 33, C0, E8, 80, 32, FF, FF, 8D, 55, EC, 33, C0, E8, E2, A3, FF, FF, 8B, 55, EC, B8, 54, 86...
 
[+]

Entropy:
7.9995

Developed / compiled with:
Microsoft Visual C++

Code size:
63.5 KB (65,024 bytes)

The file 2bd40e6f_stp.exe has been seen being distributed by the following 29 URLs.

http://www.vaultsfactorycentral.com/c?x=ua6cnZr7z9cs/rUdALCVkt93TNETr/DsHx3C9C3bK 8=&c=wVaGCqp5W8JmLjM/pI03JwJJ9B45tk9PD3 6ulTDwyieQ5Yn8vfOdtBdtZTlYCuE8jggXEVBDkEX0eGm1KmbBEPK87Eio1RIQm87AIeRNQz8XQJzGfecxfNXMAUL4y4G&downloadAs=FreeYouTubeToMP3Converter_4.1.22.617_s.exe&fallback_url=http://.../FreeYouTubeToMP3Converter.exe

http://www.vaultsfactorycentral.com/u_1eMq24aIVFQ2Pgkrq6ASZlgSqsroCZvB5 Zd7TeTV sPQQSOCsA7Sa89wirRMYWJP7MUsn6A9eEbXS8wMM236QKRDLVZPxstRZQcv4tgRNesArC1FArErw4NuRhheMbcPuwMymCamravyB7RYO6rg _zArKjoOjE5QW2m65Y e8jGMl2lBlBh YuDtyqckcOCa ZABGgYwjOP7Itdf0ZvnKwUpECgKa4Oeayo_frp fYooPZHPWCXc_8HKV DRMLkw9kynU5wKXlEWw CUlzTUtWRjdFzB_W4O8TeAWeBrxx492uBcSBbAzbvaSIDcL_GHent3Rlezon kEDRiJrIlS81IONscYRIJOGTgH16c9dadZZ4SXn5XXIm7m7DVCScbxP8NHrDt7VOXdAWyvBblm5drfTVUnJLH_e97Pn0mbXrvXZYYNI3vg72Ixn3mxJ2J UO-GzcAAARkbrFRCN3mZqBYlQcTGxMnOOSA_V8oJSLBRE4krd2fNZ6zxZ8jWlLe3RJmlNXCog_9k9 XFD4=

http://www.vaultsfactorycentral.com/7f94EuimPddRDjFdL ow4n61RV3KyOoY5wNk3GrD4XHmEwC8qYOdaBUBZcdotP_eAiTHp9BFLDzUdTKtsvzuZ62AFf8fBIFO7JNNoucDuojZs2sUi_Fklyczr6EX01ayKtAXCctPJjzhnzuh9s2jHspn1f9Hgttuj7TZTStHBFmRNwAtlNz6h5V_YZjT kgEgMfC1hGb_fydQzm8kmOjjfoq69qwzroxCGeJHJdQhVfYNp5JQdz5_iu1fFVSOlAhuwrzUHQkhzYbTthTjuMUN Z2bL23vW5DIHO7bHUbS6WSOdXkcsGNi7i55SvuXot1XEHUK_HpBuq8RK38jlbVjysYQUAG hwSslqqJsPMHqUUdrORMMvX1BMiU fNAXwT7bfku07C556onp2oHJkqAlYbJG_OtjlufJ5Rhu1HbrNUmc09lQ=-GzcAAARkbrFRCN3mZqBYlQcTGxMnOOSA_V8oJSLBRE4krd2fNZ6zxZ8jWlLe3RJmlNXCog_9k9 XFD4=

http://www.vaultsfactorycentral.com/XaBRG0o_zMH1HYGfmsd0j46ieHGm4mghS9rWCd0ibpLKx2Ccf01wS_lYcpaSxkhlcVTyjWnlp7wr9JjFxHxtfSq4eJK24KiB zGe2tHg0Zp0OTl4gmzvfPbXSDHPlM_VLEs2n4bCq l0dg8hpi9aNHeli31su8rnmfO1REqjAu26lCPCB9y83GbJBm_sqXW9ul2 NwHK6_vGLWXgEAFtBLFbdetO1N5FauH2ILz775MIadLay7mQhNXt5PopkTz7Dfj0vqWvt3fAKPR5aq83vH1CrTj7gs2B0gQ9tSr 9yHWbzeGXnYtp0gPKg8nZPJ3v7 aGbUEJfMdDjA1vYq2gF WDo1JU2ZSttYGNlgMlX3E2W2OUFiwAJiih5NuedYP5TKLviXeWDBIDWkH6YzkETBDFa8cNg0olMkPxUU0rtrvJFpZZd8=-GzcAAARkbrFRCN3mZqBYlQcTGxMnOOSA_V8oJSLBRE4krd2fNZ6zxZ8jWlLe3RJmlNXCog_9k9 XFD4=

http://www.vaultsfactorycentral.com/0rGWSSdI5yDf8 FY9yHHxKHyiKjwOPGaeVPFLpNcj7p3_KCA58wArdqdewNYQNX_smkos5Rmi8V2YTqJt8hK_lTK_Z6sKUbqzNIx1i4nPkJpd fjWNLQ46XIZ MRXA4yCDbQP2im9jD3HU4_Fey_bdcr 9toRk65kzPCyzzG6SbbpgWj_YQiMIHy6mdXlzwuUot7ua4Jg8m9uOqT9owMGx3qbYvfEfjyxzwcHxI8lC2KezFQwCamms5pJ26VuoxZe0UyCNqJRVfZgDZzWSwVY5Du1gs_ilL h4DLzuond04Yq1bo4jp4O647xXXqlINiNvkIun9YsBTZUrrfJ7Gj2WZdMm8OsB3IadAe_sHUQyCCHm1LaUh9bvO0S3PzwBDmgE9COOQo_K4tvA5qPp5Ykpnb4WC GOD6lPGHL74E yoqwkvK4Fc=-GzcAAARkbrFRCN3mZqBYlQcTGxMnOOSA_V8oJSLBRE4krd2fNZ6zxZ8jWlLe3RJmlNXCog_9k9 XFD4=

http://www.vaultsfactorycentral.com/FFqgqSbOXi5P29rivZdNMkPG0I4ct1bscHNSfqaWj175i3zJfR5rtF1wobZ iinwPPSZNstRhodrYFSNBYaw1voO15yTmmSLFe0PBVXvZDIYGrZmT1XIPVJ_pq5H8QSJwe4qni8oAIrkLIwgkmYXNDXDbiSWaHtOUrXnI3Qw2dZUaAfW4E iaWuVitrEfI55RqW8AkqTOn3ZLiGOIdYS5V1jm8GJarX5ND6f7bxDWBuTaBQhDXzaV3XHRy1AoUg0NdwQYOVNbSrirPA3lNHgK_MkJjE7ssJo3qXturg8ZcamUsh3m4Fep4HJgnz6PsII8ySeWeWmfI2iMGZOe2ROv4c3B31iMci_gaEpbJaQlMYDk9IRS4RjlMDtq50pElRoeat2oZV3fiMvO8J1yHpQR26Br06IS6OztwET8to5_e0W15HuLDA=-GzcAAARkbrFRCN3mZqBYlQcTGxMnOOSA_V8oJSLBRE4krd2fNZ6zxZ8jWlLe3RJmlNXCog_9k9 XFD4=

http://www.vaultsfactorycentral.com/eA397v7uOzPvovpVOxFPhVgQWdFblGknELvRAGze5yCZhjbqVJ07i_W0k0iBU5eKuXytFiARQqgodNjV9TDWr7_yf5y_8vWlNv231ipynYNFLaxR _Mz8Q5ruag p3dcJpnNFagOd40SyXQkN3J3TiX1nx9HnjcUZVv2wzLPsPAw_fVuLHSajrKrQGleXhDEnwPtvDeCHDl2wqfBWjdCqCsWLKiug3eTo4Sq031y_k_N6 q9hbpl qzuEgzKtZLA8cAywAlVPgpS_99dUcLk62fb 9or32hS7SZrmGQDKfVAOocdzURN59_CXpZpHHc85Likj4OjymAWcjSftf8k6VNi_CSg9FMYlwgv76khsyfg7472jbnujhSsjvmBbn6jFdLrEOEwSaXg5joN38myBqXrUbnwko13Mi1s1gmaejfoqtVy8cU=-GzcAAARkbrFRCN3mZqBYlQcTGxMnOOSA_V8oJSLBRE4krd2fNZ6zxZ8jWlLe3RJmlNXCog_9k9 XFD4=

http://www.vaultsfactorycentral.com/e5MlWBNwIwKNjD2NoRXc_x3BslFrIcE1cvZrSDtpajX4frzrFK7Du IRGbKYXz8bLbZQlD1f5JSsMK7XVta9Hosf7uR8aoIre9fiTmu7_J7hMs0QrSW9RehwfC5bcc8TJw0LA9ba5Oia9YM24fGzPFpZTuM4hBZUcKbNkUSo7isF3FIadelxSlsddsijvZhCQ5i6BJmHRVA LWp241zML05bteN79RmlE5jNt3VbDHQTcqXzv21nx0OU6UPCknLyqzfV_ufVDKNv6Gn2FfWfabZbpPhMOIERhrPykkQaKTb4brMr5q05ALwE8zf0cs MHTsTZSo7XdK6uk8 jxPZv8rtcRtK GGOJn69lkhxwmYyzC_B52I_b1k9ot588nGMfc 8uMaRmBJvmjmYMKHFta9q7y1rtgguMzf58lkToZI9WM7FeiU=-GzcAAARkbrFRCN3mZqBYlQcTGxMnOOSA_V8oJSLBRE4krd2fNZ6zxZ8jWlLe3RJmlNXCog_9k9 XFD4=

http://www.afterdawn.com/software/.../download.cfm?version_id=111403&software_id=2371&mirror_id=0&installer=0&perion=0&air_installer=0

http://www.vaultsfactorycentral.com/c?x=M3 m7oMGzla8tqCQLe/G jS9ZHlLDXa4GqFh1f /o8g=&c=uMM7eN8AEGJV19XEuDiVdKBAF0kTvFvdHa9r4EKQoJxdB5CQVPdpS42gRSVqP8QFQzkQn7WU9Faa2dLyUXGkRKQSXK0qoHtom8OL5CNKGjSD7lVe6jPTla5yWwkAHg0j&downloadAs=FreeYouTubeToMP3Converter_4.1.17.530.exe&fallback_url=http://.../FreeYouTubeToMP3Converter.exe

Scan 2bd40e6f_stp.exe - Powered by Reason Core Security