8600782_stp.exe

Crazy Browser 3.1.0

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from lb.cdn.m6web.fr and multiple other hosts.
Product:
Crazy Browser 3.1.0

Description:
Crazy Browser 3.1.0 Setup

MD5:
98314081ebda5d1d3adb805a62ba3082

SHA-1:
6feb0dd5a0ad65be67c6206621cbcbec6a2d1f0f

SHA-256:
bbf57c0fde16ea8ac0991944cee5f2493ed8fbb6d0d244e9b9fc35965b479f70

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
12/28/2024 12:44:13 PM UTC  (today)

Scan engine
Detection
Engine version

ViRobot
Trojan.Win32.A.Clicker.739485
2011.4.7.4223

File size:
722.2 KB (739,485 bytes)

Copyright:
Copyright (c) 2000-2011 Crazy Browser

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\8600782_stp.exe

File PE Metadata
Compilation timestamp:
6/19/1992 11:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:v2UtIRIJhwdmQ+F9T0MzKvHZDM+2lDD255WtGHV7awtdhfVZTytPScqKvnY3QyuE:v2Ue+odmQc0gXBDKQu3tLrTyt8YaXag

Entry address:
0x9A58

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 6E, 96, FF, FF, E8, 75, A8, FF, FF, E8, A0, CA, FF, FF, E8, E7, CA, FF, FF, E8, 0E, F3, FF, FF, E8, 75, F4, FF, FF, 33, C0, 55, 68, 0B, A1, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, D4, A0, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 9B, FE, FF, FF, E8, 02, FA, FF, FF, 8D, 55, F0, 33, C0, E8, AC, D0, FF, FF, 8B, 55, F0, B8, E4, CD, 40, 00, E8, 1F, 97, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E4, CD, 40, 00, B2, 01, B8...
 
[+]

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
36.5 KB (37,376 bytes)

The file 8600782_stp.exe has been discovered within the following program.

Advanced IP Scanner  by Famatech
Publisher's description - “Advanced IP Scanner is a , fast and powerful network scanner with a user-friendly interface. In a matter of seconds, Advanced IP Scanner can locate all the computers on your wired or wireless local network and conduct a scan of their ports.”
www.advanced-ip-scanner.com
4% remove it
 
Powered by Should I Remove It?

The file 8600782_stp.exe has been seen being distributed by the following 22 URLs.

http://lb.cdn.m6web.fr/d/c/a/9c44c9e194bf9fb7a11bacc119fa632f/58a817ac/soft/.../crazy-browser_3-10_en_10689.exe

http://www.vaultsheadcentral.com/WVl6OTRQV2R4U1VvemFsbE9kbk42YlVSeVpVNVBaVE5ST0Vock9YRlNlRWxhY1Zrd04xbEZiREJJZEdKaWFGRWxNMFFtWXoxNU4yMTZZVW9sTWtKYU5WUm9KVEpHWlZoSGRsaHdTU1V5UWtSdFkyWlJOVmhPTVhSWlUwbGtaRTRsTWtabE1HRk9PVzFJUzFkall6aERlbTV0VFhCVlNrTWxNa1p3T0V0U1NWaExRbGRoYkROd1IyRjFlbGwxVlZaSGQwWnpNbVJ0WTBGcFpVdFJTeVV5Um05aVRrOXplRGRPVXpkTlNIZDRTMWhsVHpZeFNqRjZOVE5CUVZWVk5tdzBNU1prYjNkdWJHOWhaRUZ6UFdOeVlYcDVMV0p5YjNkelpYSXRNeTR4TUM1bGVHVW1abUZzYkdKaFkydGZkWEpzUFdoMGRIQWxNMEVsTWtZbE1rWndaaTVpWlc1cVlXMXBibk4wY21Gb2N5NWpiMjBsTWtaekpUSkdNVFExTnpRMk9USTNNaVV5Um1WdUpUSkdOQ1V5UmpJbE1rWTBNall5TlMwMk5qSTNOekl0WTNKaGVua3RZbkp2ZDNObGNpNWxlR1U9

http://soft.mydiv.net/win/dlfiled709f_212033/.../cbsetup.exe

https://dw.uptodown.com/dwn/PNF1OXJsaAXgac7JyTM1AkRqWY04Fb38TZTKwgM0o4HBirV83qDXQZFFmIBJkLj6HSd5KMipS0kC7x6xW6rdyDCTz26eIkiK8LaDwMZ4KkVBAS9tLB1L3BjdofSy2j8v/5KQrJtxr0uUwBPNGMtKeBQrrUke9WAsgas-aX_Nm2Tece3bUOZb6pW8Ya0bLTbaZGlHg25Rmj5hm6q2O5uTYDpU0nWP9Dcw3lKq3WXRhdY4JGZ18zi3mV_slnRzgel27/hVayjSztrhJgMW4ToVzDlrdHHYzurABrd6gbh4YWbtQjWZoRWd1oGRG7OotjXsT0_OOrTNfF-NQxtFkd4USRG3aPt30E7ueh7BbreIOnAlQBM-fsoCwMKbxVI0_dhJkW/.../

http://gsf-cf.softonic.com/6fe/b0d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=19241&instance=softonic_es&type=PROGRAM&Expires=1482467600&Signature=bE96f3yRRRmjRDdCtJj5cL7zDnaeAiebv4ZiAvpNaMMGgcmt6MN1wf8z3olLLzhhTZGloyhYwlHz4SAGt~cd15YdsCd0TGNmEodZTcaltGkg8gjPeLOD4WiJwXEbPDlYUbdGZ7Tpl1cjHQjZWzz6RaMUev5iM6rJZyGmbB8j3rs_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=cbsetup.exe

https://d1ob5g40gc5b6g.cloudfront.net/1/9/.../cbsetup.exe

http://www.currentupdateconcepts.com/0fBk pzMundLzKOMgl1kD5Kurp0nRXa2r2nj69r9UZbMWjL7e9_QWceE20_j zWeQJNbbbPLM rd a5q1_6a72sWsNWSFFh6OeTW7AlQSHU xbPGpY5SxNJ6wG7MOuKXu_TwCmklNGRADNRdRnWhFHQtH1H6bSdBvlFgLtqeouqVE gDZaNxsdNQTzzRKI51hRFmD6HB-Gz0AAESnQ6mgUgOp5y054JADh YRhaIBBtj5woOe7nGrURhw71lEW3_CSEo6bARPtyTyks=

http://download.findmysoft.com/2012/01/.../Crazy-Browser_3.10.exe

https://dw.uptodown.com/dwn/RpgkdtMHsvy3Fq-0Zq9C55F36mElPPM329s1PpxFbrN9ubCKpQuniUyMQQmSjmF0vjjF3ZorbhWRgfLeC_h9t57tGMpPYg0eIgFNDHyqrgXE_phNhjjTNVr7Aac7Ynta/6kPqdbHvQXFvrrPejpvlqSKrxvjzPhthbSrfo2F77Ds_sXQnXsjCN8UItJJo72liMjn0Zxb6hZlH9eRVW22aNdZnLVbNN49nLUX1KCeOoSfeB_Q-tWVijMQKuZrq_3KL/BlWebI22_PhLSFZF2SaCTNaWwPDiWyP23vgB0k0VLPbcMR-0MK-47uiTcqP5n5bEiNw9b6FC4iI72s9fFYPGZ1MLA15SmqfRLfWpTM01BzGbzOM4BRlNgNTyZmmPm4R2/.../

http://qpdownload.com/download.php?name=crazy-browser

http://gsf-cf.softonic.com/6fe/b0d/.../file?SD_used=0&channel=WEB&fdh=no&id_file=19241&instance=softonic_nl&type=PROGRAM&Expires=1465464575&Signature=G3pH43-E4BZ4vV4cK5JakLIKNgdtj6~KAgd6a9MdwTH-YA6WNbositCjy4EDsvsTfJDU0~g0bQXqNBB5XcbYUIpjJEQoTI97N28H00bfgvJyZpFvWFlzR4ykCqPO6~dn1sLjKKZM6PNJxdZsIQgUPwo-z1Ky~1EqLMnogehZxbU_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=cbsetup.exe

Scan 8600782_stp.exe - Powered by Reason Core Security