497184_stp.exe

Windows Live

Microsoft Corporation

This is a setup program which is used to install the application. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.
Publisher:
Microsoft Corporation  (signed and verified)

Product:
Windows Live

Description:
Instalador do Windows Live

Version:
15.4.3555.0308

MD5:
9f410a44bbf5d42d263ab708c68a1d2c

SHA-1:
c0e72a59b5b6aa664fd07148e488a627b3a898dd

SHA-256:
ea54080616e9827d9ab01654419452ac9f7f699fc38866d582f2b4c0f2db3288

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
11/27/2024 3:54:15 PM UTC  (today)

File size:
1.2 MB (1,289,576 bytes)

Product version:
15.4.3555.0308

Copyright:
© Microsoft Corporation. Todos os direitos reservados.

Original file name:
wlsres.dll.mui

File type:
Executable application (Win32 EXE)

Language:
Brazilian Portuguese

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\497184_stp.exe

Digital Signature
Authority:
Microsoft Corporation

Valid from:
2/21/2011 5:53:12 PM

Valid to:
5/21/2012 5:53:12 PM

Subject:
CN=Microsoft Corporation, OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:
CN=Microsoft Code Signing PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:
6101B29B000000000015

File PE Metadata
Compilation timestamp:
3/8/2012 11:14:00 PM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:Fwa2WRC3X9ovTzB4uOG6A4Sgt8G0+j4OHISDWBb5IsEk0c1G8C:GQ8X9Szd76A4S68o31DwmY1GB

Entry address:
0x34ED9

Entry point:
E8, 4A, 38, 00, 00, E9, 74, FE, FF, FF, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 5D, E9, 5E, 03, 00, 00, CC, CC, CC, CC, CC, 8B, FF, 51, C7, 01, 28, 4F, 40, 00, E8, BD, 38, 00, 00, 59, C3, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 56, 8B, F1, E8, DE, FF, FF, FF, F6, 45, 08, 01, 74, 07, 56, E8, C2, FF, FF, FF, 59, 8B, C6, 5E, 5D, C2, 04, 00, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 8B, 45, 08, 83, C1, 09, 51, 83, C0, 09, 50, E8, F8, 38, 00, 00, F7, D8, 59, 1B, C0, 59, 40, 5D, C2, 04, 00, CC, CC, CC, CC, CC, 8B...
 
[+]

Code size:
923 KB (945,152 bytes)

The file 497184_stp.exe has been seen being distributed by the following 42 URLs.

http://gsf-cf.softonic.com/c0e/72a/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3350266&instance=softonic_br&type=PROGRAM&Expires=1462050800&Signature=gp3HSxWEc~pJ1ZpMEJOZxj3g1X1Xqycg2gOKikAblOxpLFad6IFaeZgTDlN62oDaoRxM3c0u6PleoAxoFB7cj4oqfu4LuAXamLcFKArTPDRlCg5ESmFvwTp1BDBWDxPpmFSk8dTqf02~LhT~vvUr3mJhD2aGfeL3~dyJ24ylk-g_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=wlsetup-web.exe

http://g.live.com/1rewlive4-web/.../wlsetup-web.exe

http://gsf-cf.softonic.com/c0e/72a/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3350266&instance=softonic_br&type=PROGRAM&Expires=1460546220&Signature=dtQs~FwnrXHG8tQ9DQoJYT-wMNucBP~v7JHeIZ5lKUrV5LmPzaGJHdJpoOygHkYecTX3YY1xA5bmw-EV-jax7SrRi521gF5PagbGr6Y4FtrsmVzqrHiaop-k0Fj3tnMqOZ0eew4HZAPqNeV~ex2B8NsCVk-Twn8lW06ZFwPcpEc_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=wlsetup-web.exe

http://wl.dlservice.microsoft.com/download/8/8/5/885E6ED0-CAA5-475C-A21A-C8505F662B10/.../wlsetup-web.exe

https://mega.nz/temporary/.../Ysgl1RqC

http://d.awesomefolderssection.com/c?x=Mtrm EGFbOAClXz8HnaYS gRfE1OtriNgISJ6CE4T7Q=&c=Q41OWZ7CIaOQoiInEzxLUA asRh0BHuLUXZPf9DG3jFmst62YsdxU5A3kxvqpxb8RzaERAQKwspyTjp5fHO74g==&fallback_url=http://wl.dlservice.microsoft.com/download/D/5/E/D5EF9F7B-FA44-4C80-9665-0057A4FF9D1E/.../wlsetup-web.exe

http://gsf-cf.softonic.com/c0e/72a/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3350266&instance=softonic_br&type=PROGRAM&Expires=1461741426&Signature=OswIjZPYZz4maYGDcHqo5sENoZxaXHg7cSLcyHAGihFSc26e0kCQOHWDDeazjnykAZ5nJnT2SyZFUXaniAkFj-gAxtsTn7nBWmWL95qfm-DICLBgVhdDNMRXEt142zOq51llycX8AQWqGIHGS4aL08XGPhIitzuXazG-JFIqxU8_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=wlsetup-web.exe

http://www.grupoacta.com.br/tutoriais/.../wlsetup-web.exe

http://dc530.4shared.com/download/.../movie_maker.exe

http://gsf-cf.softonic.com/c0e/72a/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3350266&instance=softonic_br&type=PROGRAM&Expires=1449743752&Signature=gMgGCpjR3rYP5UlFdj8fKO~dTwAlnh1JFkiOd-AwKK~4SHjMJqKu-b2XxgAxClNwKocMCVAmsrW7FGgiCVWcSMv9g8kOfRecWiDuU--96YnZuxmFnPhIa63rFkKoqMKkN1-L-JGV4P2uhwS0OvTZe9FeZRVb8ldj9lJyGIkKwTw_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=wlsetup-web.exe

http://gsf-cf.softonic.com/c0e/72a/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3350266&instance=softonic_br&type=PROGRAM&Expires=1471434886&Signature=GjMwzC~AMBhCk6v4M71d01lcuUyJTL0FivULdV7GHzYiTi~~GJKS9Ukpicww7I2qsze6sYlp0OFARrH7C2K8PepDLAQN8fPzZVq3uRRJ-P-Q9aP50rQe0GLH2ULTwbjThc11vldD4RcfLYZt8tvi0TeVotB9PWmGCyEDQfZoN4E_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=wlsetup-web.exe

http://gsf-cf.softonic.com/c0e/72a/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3350266&instance=softonic_br&type=PROGRAM&Expires=1470742689&Signature=f4n4O4e5tQFan-eDZbzwXoy0dgpEPJPFyCfvhweVBYh~2izWiLM0EE0kgj10-KuTvDMckeeomIo~ZorkWTw3MDhu9WHXckLi6jkb8mkv1Q1z3giqZ7rOHYbicEWmdGll4pK6l~4zwtP1dW3xE8-6uC4XL8vJD76lLIfKKjVLnRQ_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=wlsetup-web.exe

http://gsf-cf.softonic.com/c0e/72a/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3350266&instance=softonic_br&type=PROGRAM&Expires=1449366615&Signature=ZOZbvCx4~c3bPWu8NSHX8-KhNUdY0CHOuP2A6KWYEtJP9glSpSwtik9JCp21HgSKCOELEtch03DAVLqOzhyXVgkdWUDnrsH3xu743z5kdpYwhEBRKGnHsUBeFLMYlAucX8Qzgq5fAmdR9qGt2dpClN0zG1PDgoI1A55tBVn9Hmo_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=wlsetup-web.exe

http://www.techtudo.com.br/_/software/.../download

http://gerenciador.nzs.com.br/nocache/programas/urls/iron/.../windows-movie-maker-93-9-4102642.exe

http://gsf-cf.softonic.com/24b/cef/.../wlsetup-web.exe

http://files.downloadnow.com/s/software/11/90/76/.../wlsetup-web.exe

http://www.unimestre.seifai.edu.br/projetos/unimestre/.../index.php?tid=0&lid=0&sid=ae7a96f5a4a&tid=0&lid=0&sid=ae7a96f5a4a

temp:wlsetup-web.exe

Latest 30 of 42 download URLs