snsetup.exe

Tenebril Incorporated product installer wrapper

Tenebril Incorporated

This is a self-extracting archive and installer. The file has been observed being downloaded from windows.indir.com and multiple other hosts.

Publisher:
Tenebril Incorporated  (signed and verified)

Product:
Tenebril Incorporated product installer wrapper

Description:
Product installer

Version:
1, 0, 0, 1

MD5:
1c0cb43e3a3ceb646bdc766454b6f0cb

SHA-1:
95ac978dab603e681db1ae3c44037de47450c728

SHA-256:
fe60d9be6a8f49b5c75789d982a09df91e97e0f608e6169f143d1649ef15079f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/14/2024 6:09:59 AM UTC

File size:
4.5 MB (4,731,736 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright © 2004 Tenebril Inc.

Original file name:
StampEngine.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\snsetup.exe

Digital Signature

Authority:
VeriSign, Inc.

Valid from:
9/1/2004 5:00:00 PM

Valid to:
9/28/2005 4:59:59 PM

Subject:
CN=Tenebril Incorporated, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Tenebril Incorporated, L=Boston, S=MA, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2001 CA, OU=Terms of use at https://www.verisign.com/rpa (c)01, OU=VeriSign Trust Network, O="VeriSign, Inc."

Serial number:
1CD20B27C1B1DFD495B833BD41C8BB89

File PE Metadata

Compilation timestamp:
7/27/2004 7:35:07 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
98304:zoDc/LrQTCWCGXlrhi3JElFizF1wDgzP56sDjBh/GOSrGt:c4/LylIJ0FiigzwsJpGOSc

Entry address:
0x2BCF

Entry point:
55, 8B, EC, 6A, FF, 68, D0, 10, 40, 00, 68, 68, 3F, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, 58, 10, 40, 00, 33, D2, 8A, D4, 89, 15, 20, 52, 40, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, 1C, 52, 40, 00, C1, E1, 08, 03, CA, 89, 0D, 18, 52, 40, 00, C1, E8, 10, A3, 14, 52, 40, 00, 33, F6, 56, E8, E0, 00, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, B0, 00, 00, 00, 59, 89, 75, FC, E8, 81, 10, 00, 00, FF, 15, 54, 10, 40, 00, A3, 14, 57, 40, 00, E8...
Entropy:
7.9962

Developed / compiled with:
Microsoft Visual C++ v6.0

The file snsetup.exe has been seen being distributed by the following 7 URLs.

http://windows.indir.com/kaydet.php?x=T0RsQVFFQWhJU0V1UVhOdUt6Um1KVzAxVFE9PXx8fGM4MmQzMDQ4YTMxNTg4OWY2NDU3OTQ4OWRhMTk0YWRl&m=1

http://gsf-cf.softonic.com/95a/c97/.../file?SD_used=0&channel=WEB&fdh=no&id_file=9303&instance=softonic_fr&type=PROGRAM&Expires=1476238159&Signature=AonZKIgm0Hmb7VmqWzVqo~HO1Sqho1pPIY~nbRbbxQIr6TGBHi0OWKntDtiGJ3mzkzRgpbPVqi-9FJ1CRZy9yxBmsaZ~rLjxwg2UQhALl1bFaOTwbBn6MzgERjrha9lFdDXO5mI9l7lqR9Y8e8GMveUbgQ-5lBNSAB-TsPdWqFw_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=snsetup.exe

http://gsf-cf.softonic.com/95a/c97/.../file?SD_used=0&channel=WEB&fdh=no&id_file=9303&instance=softonic_en&type=PROGRAM&Expires=1478285491&Signature=A1AiT0QfVPF4MC2m-jFzvu4RvQgIgXMFAbRqZvo9XLA~LMp-9G~tNDRHrXmq0dJAeKJLM3Ix9imv6TneMKaAVlMIdF4lz5eVUbmvk~C2CZIUrrW9F6fA~VaK7fSVpufuV9xgDW38U~MwnMtjLBoz5qXEEPjvJU5~nHR-OtDjtE0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=snsetup.exe

http://gsf-cf.softonic.com/95a/c97/.../file?SD_used=0&channel=WEB&fdh=no&id_file=9303&instance=softonic_pl&type=PROGRAM&Expires=1476650494&Signature=hJ0qJB8VaVBoDlvmsoBdOm1oRfLMUI5FItNSZ7wvutKQfA2a7ZNloApfh1Pzr81NJnVO~kXLPBnXbRc--xLFj2O0Qe4POOpjBx6zj1Kwl7hsjuWQjOukAWy9QiIxoVcMl-ELQvbfYabKaOSZVzoHQpErF4v5NxjKafNyW5BMg6c_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=snsetup.exe
