» 8600782_stp.exe
Overview
Analysis
File Details
Programs (1)
Downloads (22)

8600782_stp.exe

Crazy Browser 3.1.0

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from lb.cdn.m6web.fr and multiple other hosts.

File name:

8600782_stp.exe

Product:

Crazy Browser 3.1.0

Description:

Crazy Browser 3.1.0 Setup

MD5:

98314081ebda5d1d3adb805a62ba3082

SHA-1:

6feb0dd5a0ad65be67c6206621cbcbec6a2d1f0f

SHA-256:

bbf57c0fde16ea8ac0991944cee5f2493ed8fbb6d0d244e9b9fc35965b479f70

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

11/17/2024 3:27:48 PM UTC (today)

Scan engine

Detection

Engine version

ViRobot

Trojan.Win32.A.Clicker.739485

2011.4.7.4223

File size:

722.2 KB (739,485 bytes)

File type:

Executable application (Win32 EXE)

Installer:

Inno Setup

Language:

Language Neutral

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\8600782_stp.exe

File PE Metadata

Compilation timestamp:

6/19/1992 11:22:17 PM

OS version:

1.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

12288:v2UtIRIJhwdmQ+F9T0MzKvHZDM+2lDD255WtGHV7awtdhfVZTytPScqKvnY3QyuE:v2Ue+odmQc0gXBDKQu3tLrTyt8YaXag

Entry address:

0x9A58

Entry point:

55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 6E, 96, FF, FF, E8, 75, A8, FF, FF, E8, A0, CA, FF, FF, E8, E7, CA, FF, FF, E8, 0E, F3, FF, FF, E8, 75, F4, FF, FF, 33, C0, 55, 68, 0B, A1, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, D4, A0, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 9B, FE, FF, FF, E8, 02, FA, FF, FF, 8D, 55, F0, 33, C0, E8, AC, D0, FF, FF, 8B, 55, F0, B8, E4, CD, 40, 00, E8, 1F, 97, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E4, CD, 40, 00, B2, 01, B8... 
[+]

Packer / compiler:

Inno Setup v5.x - Installer Maker

Code size:

36.5 KB (37,376 bytes)

The file 8600782_stp.exe has been discovered within the following program.

Advanced IP Scanner by Famatech

Publisher's description - “Advanced IP Scanner is a , fast and powerful network scanner with a user-friendly interface. In a matter of seconds, Advanced IP Scanner can locate all the computers on your wired or wireless local network and conduct a scan of their ports.”

www.advanced-ip-scanner.com

4% remove it

The file 8600782_stp.exe has been seen being distributed by the following 22 URLs.

http://lb.cdn.m6web.fr/d/c/a/9c44c9e194bf9fb7a11bacc119fa632f/58a817ac/soft/.../crazy-browser_3-10_en_10689.exe

http://www.vaultsheadcentral.com/WVl6OTRQV2R4U1VvemFsbE9kbk42YlVSeVpVNVBaVE5ST0Vock9YRlNlRWxhY1Zrd04xbEZiREJJZEdKaWFGRWxNMFFtWXoxNU4yMTZZVW9sTWtKYU5WUm9KVEpHWlZoSGRsaHdTU1V5UWtSdFkyWlJOVmhPTVhSWlUwbGtaRTRsTWtabE1HRk9PVzFJUzFkall6aERlbTV0VFhCVlNrTWxNa1p3T0V0U1NWaExRbGRoYkROd1IyRjFlbGwxVlZaSGQwWnpNbVJ0WTBGcFpVdFJTeVV5Um05aVRrOXplRGRPVXpkTlNIZDRTMWhsVHpZeFNqRjZOVE5CUVZWVk5tdzBNU1prYjNkdWJHOWhaRUZ6UFdOeVlYcDVMV0p5YjNkelpYSXRNeTR4TUM1bGVHVW1abUZzYkdKaFkydGZkWEpzUFdoMGRIQWxNMEVsTWtZbE1rWndaaTVpWlc1cVlXMXBibk4wY21Gb2N5NWpiMjBsTWtaekpUSkdNVFExTnpRMk9USTNNaVV5Um1WdUpUSkdOQ1V5UmpJbE1rWTBNall5TlMwMk5qSTNOekl0WTNKaGVua3RZbkp2ZDNObGNpNWxlR1U9

http://soft.mydiv.net/win/dlfiled709f_212033/.../cbsetup.exe

https://dw.uptodown.com/dwn/PNF1OXJsaAXgac7JyTM1AkRqWY04Fb38TZTKwgM0o4HBirV83qDXQZFFmIBJkLj6HSd5KMipS0kC7x6xW6rdyDCTz26eIkiK8LaDwMZ4KkVBAS9tLB1L3BjdofSy2j8v/5KQrJtxr0uUwBPNGMtKeBQrrUke9WAsgas-aX_Nm2Tece3bUOZb6pW8Ya0bLTbaZGlHg25Rmj5hm6q2O5uTYDpU0nWP9Dcw3lKq3WXRhdY4JGZ18zi3mV_slnRzgel27/hVayjSztrhJgMW4ToVzDlrdHHYzurABrd6gbh4YWbtQjWZoRWd1oGRG7OotjXsT0_OOrTNfF-NQxtFkd4USRG3aPt30E7ueh7BbreIOnAlQBM-fsoCwMKbxVI0_dhJkW/.../

http://gsf-cf.softonic.com/6fe/b0d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=19241&instance=softonic_es&type=PROGRAM&Expires=1482467600&Signature=bE96f3yRRRmjRDdCtJj5cL7zDnaeAiebv4ZiAvpNaMMGgcmt6MN1wf8z3olLLzhhTZGloyhYwlHz4SAGt~cd15YdsCd0TGNmEodZTcaltGkg8gjPeLOD4WiJwXEbPDlYUbdGZ7Tpl1cjHQjZWzz6RaMUev5iM6rJZyGmbB8j3rs_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=cbsetup.exe

https://d1ob5g40gc5b6g.cloudfront.net/1/9/.../cbsetup.exe

http://www.currentupdateconcepts.com/0fBk pzMundLzKOMgl1kD5Kurp0nRXa2r2nj69r9UZbMWjL7e9_QWceE20_j zWeQJNbbbPLM rd a5q1_6a72sWsNWSFFh6OeTW7AlQSHU xbPGpY5SxNJ6wG7MOuKXu_TwCmklNGRADNRdRnWhFHQtH1H6bSdBvlFgLtqeouqVE gDZaNxsdNQTzzRKI51hRFmD6HB-Gz0AAESnQ6mgUgOp5y054JADh YRhaIBBtj5woOe7nGrURhw71lEW3_CSEo6bARPtyTyks=

http://download.findmysoft.com/2012/01/.../Crazy-Browser_3.10.exe

https://dw.uptodown.com/dwn/RpgkdtMHsvy3Fq-0Zq9C55F36mElPPM329s1PpxFbrN9ubCKpQuniUyMQQmSjmF0vjjF3ZorbhWRgfLeC_h9t57tGMpPYg0eIgFNDHyqrgXE_phNhjjTNVr7Aac7Ynta/6kPqdbHvQXFvrrPejpvlqSKrxvjzPhthbSrfo2F77Ds_sXQnXsjCN8UItJJo72liMjn0Zxb6hZlH9eRVW22aNdZnLVbNN49nLUX1KCeOoSfeB_Q-tWVijMQKuZrq_3KL/BlWebI22_PhLSFZF2SaCTNaWwPDiWyP23vgB0k0VLPbcMR-0MK-47uiTcqP5n5bEiNw9b6FC4iI72s9fFYPGZ1MLA15SmqfRLfWpTM01BzGbzOM4BRlNgNTyZmmPm4R2/.../

http://qpdownload.com/download.php?name=crazy-browser

http://gsf-cf.softonic.com/6fe/b0d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=19241&instance=softonic_nl&type=PROGRAM&Expires=1465464575&Signature=G3pH43-E4BZ4vV4cK5JakLIKNgdtj6~KAgd6a9MdwTH-YA6WNbositCjy4EDsvsTfJDU0~g0bQXqNBB5XcbYUIpjJEQoTI97N28H00bfgvJyZpFvWFlzR4ykCqPO6~dn1sLjKKZM6PNJxdZsIQgUPwo-z1Ky~1EqLMnogehZxbU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=cbsetup.exe

http://dl-vip.appstore.baidu.co.th/.../Crazy_Browser_3.1.0.exe

http://gsf-cf.softonic.com/6fe/b0d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=19241&instance=softonic_it&type=PROGRAM&Expires=1463448656&Signature=iM0f28z7I9mmXPZSatp2KagnYa8emvwwAcKYn7IZQrtG4D3eGrCS38bQ1pz-WS3v6VUeSp7Egw1Y-LvfPMdZBlFlmqPCbkjrv4GotATvmjGyFTnm8ECyS2~qtnrvHVTQai4gLxMPacg9skwCqnBd65CHzaEK-sN-SXz2gK49BZc_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=cbsetup.exe

http://ec.ccm2.net/www.commentcamarche.net/download/.../cbsetup-3.10.exe

http://crazy-browser.software.informer.com/.../

http://gsf-cf.softonic.com/6fe/b0d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=19241&instance=softonic_br&type=PROGRAM&Expires=1456197919&Signature=dC67cbPylslTJEeatQnP9nZIgrEAKRA3D9eLAbI3HElelBXzsHljuGaiSb91QxXGRYTOP3uYF6AsSrI7Yq4QR~dog~KX7XM2b9LSyMbrH50ukjjKEg-k5ddPBbP9cTM41mjPQ1l9wH2CoGrV226ef5FEQJlxxyNkNMcGvmOwkfM_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=cbsetup.exe

http://crazy-browser.soft32.com/get/file/id/.../

http://download.s32cdn.com/1/9/.../cbsetup.exe

http://ec.ccm2.net/ccm.net/download/.../cbsetup-3.10.exe

http://download.dogsoft.ru/Crazy_Browser_3.10.exe

http://www.crazybrowser.com/cbsetup.exe

http://crazybrowser.com/cbsetup.exe

Scan 8600782_stp.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.