86446979_stp.exe

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from www.anyaplanet.net and multiple other hosts.
MD5:
2cb5c6e70a09759c71d72628bf84bc28

SHA-1:
759bfb8cebb72a824b7ffea2ccbe0fc86a3e3726

SHA-256:
66c0bb0a85bd1ebf6bad4dc7356eaf0f062c35b21aa9487a37a4e8443f21e205

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/5/2024 10:27:18 PM UTC  (today)

Scan engine
Detection
Engine version

Comodo Security
UnclassifiedMalware
17035

File size:
78.5 MB (82,308,090 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\86446979_stp.exe

File PE Metadata
Compilation timestamp:
2/4/2009 11:59:43 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
1572864:eC5LYVhaAm6TSugLq7gRnfox8WOjWi2t66s86yxqO4zf:esLYVhaATWndRPjWiH86HL

Entry address:
0x30CB

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 38, 3F, 42, 00, E8, ED, 2B, 00, 00, A3, 84, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 30, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 80, 36, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, 92, 28, 00, 00...
 
[+]

Packer / compiler:
Nullsoft install system v2.x

Code size:
22.5 KB (23,040 bytes)

The file 86446979_stp.exe has been seen being distributed by the following 28 URLs.

http://www.anyaplanet.net/.../k3d-setup.exe

http://www.ranchsendgift.com/GPTda3zFZP2nVbz2xFVLjaeC2kn8OZyK4IYHJuGDvPl94uZIHhRLj5V1_6OnEm dLdRmV6iZWfaPftsEXTGuz4C_PEkWS3cxJTP9xjZIpD4NH8rcnhjJFW25 Fp0yv5wcA_ZCDZMcK3eArAFquXhQhpy_PyGEvRCuy7_sOlyeF4__1MJC6yPmHSJ4fTP93_ykke6vgiXJS1iBixfhNkxT_PY0xnDxA==-G2AAAGR0W6oPBZPMaKyT7wrgkAOnS0It8ICowHFoxz_REfHGS2Uh9cT02deEKfOJ0wFpvge9kOHplhu80i0zuKSDSdLsPfZnj6Zgd5mWGjqbnv4U

http://gsf-cf.softonic.com/759/bfb/.../file?SD_used=0&channel=WEB&fdh=no&id_file=64127&instance=softonic_es&type=PROGRAM&Expires=1479790074&Signature=N2JJZ-WetGrmOCORZBGZQDyKo-XWU9KdGB9LajAIR~SLNmni0P~l4ggtFLnvid5CYewxt9TOYXmkooafqdUxzwBHr8CA~tddYZEEatdwy0-rtvp0DYu9QBUTMiB37zhoEaEJazKeiIikVGYWsWq-NslgWk29Msg2RkEoPZjEOd0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=k3d-setup-0.8.0.1.exe

http://www.ranchsendgift.com/QVOjNAM Td09GHvsC0S_gzf8QhDT M0a36Hw2L4oJG1yt9Ov1GxjAbDEHteppmH5xID7kzFbZVROvB2gEAvjKPyxFJl1dVGmQ70AnRJyLNfrAdDficUJX0vo2F_In68LcIDWMUA3CVYgowx89hbKaI6bq7l7zSI2Ja 1RWpRruH1LY8n090QKR76vbw DLgXpbkOCJpzqEwBeTcGyHkbA_zkbutOXQ==-G2AAAGR0W6oPBZPMaKyT7wrgkAOnS0It8ICowHFoxz_REfHGS2Uh9cT02deEKfOJ0wFpvge9kOHplhu80i0zuKSDSdLsPfZnj6Zgd5mWGjqbnv4U

http://www.vaultcapitalpackage.com/p1c6_QWoH33 26S4BI9EknYM1GkT7aFaiNdDYZk4 ZM0ajAfo81bdYZkylK1JhkfUgPYlRy_XVYJkjw2rQyiGZi1ZjDyauCjGdV28KWUafIzz0NyfXTEosU70hpNZ9GSyClYKCWEDKR0HM97Eq9kTcoh0IMChqilzmau269zhleqyuJBDEtiURBnhdbEb0lLNF8Teb2DP1eMdYLEfMtCtA7AbFhu w==-G2AAAGR0W6oPBZPMaKyT7wrgkAOnS0It8ICowHFoxz_REfHGS2Uh9cT02deEKfOJ0wFpvge9kOHplhu80i0zuKSDSdLsPfZnj6Zgd5mWGjqbnv4U

http://superb-sea2.dl.sourceforge.net/project/k3d/K-3D Win32 Binaries/.../k3d-setup-0.8.0.1.exe

http://cdn.portalprogramas-download.com/d/.../k3d

http://gsf-cf.softonic.com/759/bfb/.../file?SD_used=0&channel=WEB&fdh=no&id_file=64127&instance=softonic_es&type=PROGRAM&Expires=1473158930&Signature=O~khCbBdI5Tf4f~6BF9XFq~~RseI34ky8463z877o7f5itmOy82N1inwdG2ufzElGp6-6xX5zVhVXKJOG8J5fU9tKIAso7sgME0d0-vzfEWFx-ngLqYH0L1n7sTYwSkEXg7tC0IooAD0r~cTZtTiyDpABTBKTn839F8C6TtY2dc_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=k3d-setup-0.8.0.1.exe

http://gsf-cf.softonic.com/759/bfb/.../file?SD_used=0&channel=WEB&fdh=no&id_file=64127&instance=softonic_es&type=PROGRAM&Expires=1477471150&Signature=TAE1q8~Wo4XKzeDAzam0Hu~H3tUZdCjdUw4d05NSNq~RzeiBjjYtoWC-U6YI6wvucZ7dzfjlPEOg-EfIUlLck3~OOQymU-8rLnqxtYA6OsFa7k~j-tq82UiQBf98k5P0ReUj854mjZmIpxU6qdosa7L9xw2Ci0iqneTwOqZk7iI_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=k3d-setup-0.8.0.1.exe

http://k-3d.softonic.com/download-tracker?th=8yS3 KGEYLiw7GKMHzA/trmsvRChbxdrflJq3ZIylWvTw187h9GLxXj8BD7PUOpwyBQ5X0downszEbwbbfF4fgRNV oNWF2ZXwyRj67uzztzyMT9YgHfSxnehvPRnRXuL65V3H6l2vOVcZC4BRX3jgMqDfmv 6uX/jWc4iT1DYzXVPJ1688tEd2EwGm7dpCJv0GRn9PmXYnCf6poX1i ZN4He78PO/ETYZklE53Gon1nOSvb6nmN5pBfTTdfrKGHJ3TV4GoNUjAsLEKDLx0zvYoeaQwBXMMWuRK7LaCUugyhN3IdZmsAA/BkAzfUl5QzsrOkoDymoCngHYOGVJAcyj6Q7sK595L3JLwiE2V5NbMTr2jwLAEtZt1aKxebINKLWr2wA7IRjnIOho WF7Tal9 elEx4b8srgGL7RztSm7xaPMGA2vS0Y99ooakYX8/bA4Cd YZx29LszS3sbCq7YL/OC9kiPAyWL90 UNNJ2c9HzSKAC64l7kwXXuSkFTc7CglBt hmR1YSQVNatmKM0Rtf3mtncFMob1o7BI5FBoyIigrcIoeOFnhAsldxrbq3SZNPmGKcadQzxbbGJ VEbflckZXI/AW/0cvk22/.../qDR54IH1wR7qWC4B0Q=

http://www.mirrorservice.org/sites/download.sourceforge.net/pub/sourceforge/k/project/k3/k3d/K-3D Win32 Binaries/.../k3d-setup-0.8.0.1.exe

Scan 86446979_stp.exe - Powered by Reason Core Security