home

4907601_stp.exe

This is a setup program which is used to install the application. This file is installed with the program Subtitle Workshop 2.51. The file has been seen being downloaded from s8365.chomikuj.pl and multiple other hosts.
MD5:
2ab4378f79ee5b19f4091cbe57f2f656

SHA-1:
16f4684d264b96dc686f2887576a0bf61944aa3f

SHA-256:
35b6a45720bda0a2831101998bc91f6ca32f3e3e599d7db758be51e90d42497e

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/27/2024 2:40:40 AM UTC  (today)

Scan engine
Detection
Engine version

Emsisoft Anti-Malware
Win32.Viking.AZ
8.13.12.20.01

File size:
1.1 MB (1,107,022 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\4907601_stp.exe

File PE Metadata
Compilation timestamp:
2/7/2004 3:26:28 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:h8n/olFVtLFJJ7M4FNtknrzt0MMBQbruwiU+o2:C/CFXFJJ7ME/qr2ziHon

Entry address:
0x4048

Entry point:
83, EC, 0C, 53, 55, 56, 57, C7, 44, 24, 10, E8, 91, 40, 00, 33, DB, C6, 44, 24, 14, 20, FF, 15, 2C, 70, 40, 00, 53, FF, 15, 90, 72, 40, 00, BE, 00, A4, 42, 00, BF, 00, 04, 00, 00, 56, 57, A3, A8, 3F, 42, 00, FF, 15, D8, 70, 40, 00, E8, 8D, FF, FF, FF, 8B, 2D, A4, 70, 40, 00, 85, C0, 75, 21, 68, FB, 03, 00, 00, 56, FF, 15, D4, 70, 40, 00, 68, A4, 92, 40, 00, 56, FF, D5, E8, 6A, FF, FF, FF, 85, C0, 0F, 84, 57, 01, 00, 00, BE, 20, 37, 42, 00, 56, FF, 15, 80, 70, 40, 00, 68, 98, 92, 40, 00, 56, E8, B4, 28, 00...
 
[+]

Code size:
23.5 KB (24,064 bytes)

The file 4907601_stp.exe has been discovered within the following program.

Subtitle Workshop 2.51
About 3% of users remove it
 
Powered by Should I Remove It?

The file 4907601_stp.exe has been seen being distributed by the following 15 URLs.

http://s8365.chomikuj.pl/File.aspx?e=_53stbAsXOqbyn0UwxyfWtDhCA_ERmtCJcAy8qbf-e-iYfWgpS0XB882XBK4Z0gqL04WEO7U5RmSZie_7pjsoTRNfZ6DTH6IfMtKy8Ho-CcS9ORjYBp9kcug7vg1B5ijt1UAX6XavFwbjnSLMNAENA&pv=2

http://letoltes.szoftverbazis.hu/te51L1L-pyAqKqenW6YKTg/1472669440/.../SubtitleWorkshop251.exe

http://www.gingle.in/subtitleworkshop.exe

http://bramegm.com/software/files/.../SubtitleWorkshop.exe

http://letoltes.szoftverbazis.hu/6RTjK2SyA4bOSmsjsCm2bw/1478422089/.../SubtitleWorkshop251.exe

https://mega.nz/temporary/.../LBcASbBZ

http://www35.zippyshare.com/d/70856006/.../SubtitleWorkshop251.exe

http://download1971.mediafire.com/6xk2vixoxslg/.../SubtitleWorkshop251.exe

http://download1240.mediafire.com/59jq54qe23zg/.../SubtitleWorkshop251 - By. HossamGaucho 2 Mr. Adel.exe

http://get-2.wpapi.wp.pl/a,78814252,f,multimedia/.../subtitleworkshop251.exe

https://www.dropbox.com/s/.../SubtitleWorkshop251.exe

http://dl.cdn.chip.eu/downloads/.../SubtitleWorkshop251.exe

http://tcafe.net/.../download.php?bo_table=tr_util&wr_id=102286&no=0&sca=&sfl=wr_subject&stx=??&sop=and&e_m_1O=ODIEMzIEMjUENjgEOTQENAQ4MQQzOAQ3MwQxBDIEODEEMQQxMjEE&0.12042005732655525

http://letoltes.szoftverbazis.hu/Sh90UWFR4RRP3h46ZkvYVA/1401902498/.../SubtitleWorkshop251.exe

http://212.235.15.29/rapidshare-premium/59550264?ivit=3153&original=rs204tl.rapidshare.com/.../rsapi.cgi?sub=download&fileid=59550264&filename=SubtitleWorkshop251.exe&dlauth=D1726F7866AD30E5FF47D0AC9AFB959A4024606F10F57FD87D0BC60C751D990DFBAE25BC55AB35AC263DB97B9918D990BC343D8674E120C53CC77B02320BC757F3C08C3C2DD126ABE414386A3038BFCF6764F9488DED205C14B1AAB20704D378017C6D0F421FA0DB57DD5758FB5AEB81

Scan 4907601_stp.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.