home

si306setup.exe

StickIt

Singer's Creations

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.
Publisher:
Singer's Creations

Product:
StickIt

Description:
StickIt Setup

MD5:
a8e9cea19d62332a442e01a69351ad5d

SHA-1:
8e3769ff9331d6df2b8b52452fe0b1351427fe3b

SHA-256:
74325c59437f74f39ab031ae904d868b8413417dad958729a6afbc149722893c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 3:34:42 AM UTC  (today)

File size:
1.3 MB (1,394,381 bytes)

Copyright:
Copyright © 2008 Mike Singer

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

File PE Metadata
Compilation timestamp:
6/19/1992 6:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:v2Uj9HrMBaGx+S/YZOdWiLBNdLp+p72Xw7djf8YaXag:v2UGZx+0YZ2T9Ix2Xw7dj3aV

Entry address:
0x9A58

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 6E, 96, FF, FF, E8, 75, A8, FF, FF, E8, A0, CA, FF, FF, E8, E7, CA, FF, FF, E8, 0E, F3, FF, FF, E8, 75, F4, FF, FF, 33, C0, 55, 68, 0B, A1, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, D4, A0, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 9B, FE, FF, FF, E8, 02, FA, FF, FF, 8D, 55, F0, 33, C0, E8, AC, D0, FF, FF, 8B, 55, F0, B8, E4, CD, 40, 00, E8, 1F, 97, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E4, CD, 40, 00, B2, 01, B8...
 
[+]

Entropy:
7.9894

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
36.5 KB (37,376 bytes)

The file si306setup.exe has been seen being distributed by the following 6 URLs.

http://gsf-cf.softonic.com/8e3/769/.../file?SD_used=0&channel=WEB&fdh=no&id_file=40798&instance=softonic_en&type=PROGRAM&Expires=1478640656&Signature=HKVq3WqHQJSjM8d2zh~A-2wQOidkAOF55YNiyF7v4G3b4oPeN~WXxMbIYNj455tV7RdYSPKb7whO7n3y1QLK8nVBho8G8nfm3B-PSi9zbr~c6DtEsBEmqCPDdWolHKkhrCgTE1fVUaCU6h1Caf4mmk9U6-WaBvdVwm-l~-whL3M_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=SI306SETUP.EXE

http://www.singerscreations.com/SISETUP.EXE

http://gsf-cf.softonic.com/8e3/769/.../file?SD_used=0&channel=WEB&fdh=no&id_file=40798&instance=softonic_en&type=PROGRAM&Expires=1476736086&Signature=IQ7JTaB2rF9SyNVC9dolWI8SvasjvWQvfMbPsdOiTWXVedQHegVCB~FVauDardeLXNpUwXJuY3243SXHdadbNXUWxPCC-6HV8BthgWqbvG6DMdiKXbsCftUU57v4CvycnSTko1uIxko8R9ZAPIQVIewCRgOb-Jxg68XqhFRD2qM_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=SI306SETUP.EXE

https://dl.boxcloud.com/d/.../Y1l8_4rYHVHAHVFj2JdGIz9EGFIkAeZ-YuE4V3K_xBUFtEcUSQGChUKjDxY77UvWa27oAaKkB-jqa28dIT6W4yaWxwXh3vmtDWScsr0FLNY2c4epAZpqerhLFBtLJFurHEt12e42k7RCpyowzVSAX0_ug2cU0AFUSXDGT1NYerHE7R56BIFHclBk0sfk3m7Jpa43lddRIyNBxcB1y_mxLqFbqyq2SAR0H3u76JNXhWYQjZ2q3nPkj-1YetkP843epn0RnnQUizje7_YRXhEPr4aTFrjLg7yVisum-9VyBix2x4fAy_ZfQkMPFRX4Z5u63Pa5nSGLDksUhn2FKf6pfW41DKJ-LMusFE0eB3_qEv2fpmf_CZjCGeE34bK1n3RWRu6FZ-IRkrpdhFYxoJbdQwflgD_xHZQ3cTljJP_v-acXdFrYd5_21VQgIqw3mt6a0q1gKz6ta7qCd_p7uSG73JAOly9MEoyxtf-PtWDfB_Nb_h0HRRuzEL03jUe61xF5SliuYOuj_OiuT20nbjgpx5pdOTH00g6gY6o0KKjTEs-l7wR59Tr8X8WvxlBkZswrQoUU8xjh45XO-_NxDtVMM91gzjq90OMnDJMSl-GY5dbSM5Aj-7xkf3hyjYsTrtDIc_PSBkqdRRWdd_jbhV2kWFGhr4Rz6XC5ASlY9h3KQ9emUtShJWKw746HWncWpeo923Jvu_GErFbzQSfiYAyVfBb4lqHHhyRWl6InOFu0f6JAiKsmWyDVVe5R-XuL5cMzwOnhUofwp2SO1o1DLTKyHpL3_TjmkrcrD5IJTDbaz_0EF3K6scmxqXrkWaqP8pnXqWPP0-8ASIrnO-4BxtWeNfAuVdChnSZ0COQGzzyi74aNMeqRFgyT64HA8CDJM8xdudWDarnvwfBkS8CkIobY2q5Z26hOJHMODpVk-COljbOBrAWD8D8zIgh59TITEA0MaWClwWHOKv43

https://app.boxcn.net/index.php?rm=box_download_shared_file&file_id=f_236232598&shared_name=1ot10x4bim

http://www.singerscreations.com/.../SIsetup.exe

Scan si306setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.