home

6ddf6dbb_stp.exe

Sony Windows Installer Preloader

Sony Creative Software Inc.

This is a setup and installation application. The file has been seen being downloaded from d.likelyaa.com and multiple other hosts.
Publisher:
Sony Creative Software Inc.

Product:
Sony Windows Installer Preloader

Version:
Version 1.0 (Build 35)

MD5:
cd6fad70aba22ae64dc0ea431a99f2ab

SHA-1:
00987adcd4ba86bac1b2545a61eed52102b18db8

SHA-256:
2353c705cc6dec653b319f0064adc0eedcf111cc6eb9278b4f93b5f6e46efd58

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 3:39:51 PM UTC  (today)

File size:
164.6 MB (172,598,373 bytes)

Product version:
Version 1.0 (Build 35)

Copyright:
Copyright (C) 2013 Sony Creative Software Inc.

Original file name:
SETUP.EXE

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\6ddf6dbb_stp.exe

File PE Metadata
Compilation timestamp:
10/29/2013 8:30:35 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
3145728:w2FLPulurKJ5f/QreygPCrBzXrHEhH/coJF6dISDOG1:wb8qQraCrBXkB/m

Entry address:
0xEA3C9

Entry point:
E8, 9F, A3, 00, 00, E9, 78, FE, FF, FF, 6A, 10, 68, B0, 29, 89, 00, E8, B1, 64, 00, 00, 33, C0, 8B, 5D, 08, 33, FF, 3B, DF, 0F, 95, C0, 3B, C7, 75, 1D, E8, 28, 39, 00, 00, C7, 00, 16, 00, 00, 00, 57, 57, 57, 57, 57, E8, 95, 38, 00, 00, 83, C4, 14, 83, C8, FF, EB, 53, 83, 3D, FC, 75, 96, 00, 03, 75, 38, 6A, 04, E8, 15, 7A, 00, 00, 59, 89, 7D, FC, 53, E8, 39, 7B, 00, 00, 59, 89, 45, E0, 3B, C7, 74, 0B, 8B, 73, FC, 83, EE, 09, 89, 75, E4, EB, 03, 8B, 75, E4, C7, 45, FC, FE, FF, FF, FF, E8, 25, 00, 00, 00, 39...
 
[+]

Code size:
2.7 MB (2,783,744 bytes)

The file 6ddf6dbb_stp.exe has been seen being distributed by the following 5 URLs.

http://d.likelyaa.com/?ic_user_id=9289&data=FCrB5ABpLrLfIzmwSZKq0MNcf2HaOqx8skFBFjphv/wHQ4luTqWM0oz8I1Kzb77UHuYah4pg7MP AVR3obX9Bc8qpw FKDvLl s74l5R4U/N QNjNFOjIVuF ydBG7P /eIAxDWki3iebW0rZByNsV7K82Uvy4AQnPSrXzx2q6C0zsYnBbfrom0qEKk3CSiAZSBHhw8cosUJglTvEsXjpmtmletOazOptmdh11bFFpAns1MTIJ7HTU6YJD79dnOvwoSMCieqoOXEKPYWA27hLH1 v/7bas8v4iTDRRmjTMXK aVwN1gGR/FLq7Rc5dDyx132K62XGn3xrf70sZwjDtjbV/325eRvbt/3GKUH2JwHWRD26osQ2brj6o8me2L/dfzwn40bvTta0F756sCDDw4MBTEvC71vL0QOCRCKUwQEZ348fwWdraA WF7gs viwnuBiCxcN5saFQ8MokPA2GI/NAlgFeXgQJKF28bpE9bZLj504aRwknwvg/tt0TIQYA9Z89 FOBSowmAJ67xPR9tdhW5TD3htwmnCW84e0JhtW3aTQrsAR6srDX44NHEojHpyyP/6fQuQIAAJ1vDx64 4pSsiis5CyvMBXTSv57/aGIUhUX4LyK49dLN/P4gYEc0 kbqbUHOjZ88z5qFtdypq9yvODT9f8f1SYsdmIArV/yTgiv6CBa4q8KKwudaK9B3GdpO24l6bKwA7GSCE5k9SB/Sv53YaKjHOk2S6F8LxCb5D9jW4RfBQ3h4gYb0Gil9xQpdn F3Lr9r&key=PxbLxF4svvnBNXJ 5LafV1yVU5 ZYAw2GkoOW1KKqiKU2kUN6j6 6PX0a8gE5pCQ4wOtka8BoP07iTsMpAYKU363t1K4c9E5yigjTUSpFq0/.../RBtkvIx1Pp6zJ82kVKWWtVAVLKKyj7xPS6M0Jurs5yjYrCW

http://cdn.straightfileshouse.com/c?x=EHuyMduAKzlZqCgG 2fqHHundosnJ16VHRXIaFHBIfQ=&c=Dim7LzMTx8hWHBD2uq18RRuLh3x10E928lFJHlGdb9 3coSoDTjW4AIz8p4kCCHpdj2icq7gCnDoREYpsO6pQA==&fallback_url=http://dspcdn.sonycreativesoftware.com/.../moviestudio13.0.154_32bit.exe

http://cdn.perkyapplist.com/c?x=Vl UviKTSfJtPodSgQ0Oq3FSC1vnTcwcmGYmnv6CgoM=&c=3hvOEC9I9rAAG2SXCbgkkAADZnzavxH2e/92hp3m a5iaF9ncEg gKBfGk/Q4tLwbjvaqJVS QD8/M3qIUuntzL9CxEjY4KxespWZodiz9fIIfkBi0X79OtvEDh9utZ/&fallback_url=http://dspcdn.sonycreativesoftware.com/.../moviestudio13.0.154_32bit.exe&downloadAs=vegas-movie-studio-32-bits.exe

http://gerenciador.nozebra.com.br/nocache/programas/urls/iron/.../vegas-movie-studio-61-22-4102972.exe

http://cdn.goodfolderstuff.com/c?x=MN48VeFTGvn6MEtJs5 OjdN3obrEs6skQXNOkD0bkQA=&c=HUG74fz gCyJZCEwgYriDDu1ufaZum1QXEpEppNK9S0yQBzFYsU9bDylbIAoNe13XqC0aLhTfApR9qD5eGL2bA==&fallback_url=http://dspcdn.sonycreativesoftware.com/.../moviestudio13.0.154_32bit.exe

Scan 6ddf6dbb_stp.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.