Supremo.exe

Supremo

Nanosystems S.r.l.

This is a setup program which is used to install the application. The file has been seen being downloaded from www.takesupport.us and multiple other hosts.
Publisher:
Nanosystems S.r.l.  (signed and verified)

Product:
Supremo

Version:
3.0.2.376

MD5:
40b6ed8cda1f518e873e89ebc853bf59

SHA-1:
e4cf03366bfbdc86de6d18b8fc969806c11fdea1

SHA-256:
8c280f1a0cc58b8d3d63c26ced5d64d5fe4a6e83a4654fa015211e90d8eb17b0

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 4:46:00 PM UTC  (today)

File size:
3.3 MB (3,495,920 bytes)

Product version:
3.0.2

Copyright:
Nanosystems S.r.l.

Original file name:
Supremo.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\supremo.exe

Digital Signature
Authority:
GoDaddy.com, Inc.

Valid from:
12/29/2014 4:10:38 AM

Valid to:
1/30/2017 9:44:38 AM

Subject:
CN=Nanosystems S.r.l., O=Nanosystems S.r.l., L=Folignano, C=IT

Issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
3C7380F4564D656F

File PE Metadata
Compilation timestamp:
9/23/2015 9:15:14 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:U9MFTovCObpbVdsZlAR/wqTU8rxUGheTkj0AI3zd/WZ:U9MFTG5Vds8nXpl4AIh/WZ

Entry address:
0xEC0EC0

Entry point:
60, BE, 00, 60, F8, 00, 8D, BE, 00, B0, 47, FF, 57, 89, E5, 8D, 9C, 24, 80, C1, FF, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, 4E, E5, EB, 00, 57, 83, C3, 04, 53, 68, B0, AE, 33, 00, 56, 83, C3, 04, 53, 50, C7, 03, 03, 00, 02, 00, 90, 90, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9, 49, 89, 4C, 24, 6C, 0F, B6, 4A...
 
[+]

Entropy:
7.9874  (probably packed)

Code size:
3.2 MB (3,391,488 bytes)

The file Supremo.exe has been seen being distributed by the following 25 URLs.

http://www.takesupport.us/.../Supremo.exe

http://takesupport.us/.../Supremo.exe

http://abbc1.com/Supremo.exe

http://www.tradejini.com/credential/.../Supremo.exe

http://www.filehorse.com/download/file/.../

http://www.giasesores.com/GI Remoto.exe

http://dw9.uptodown.com/dwn/5M1MsLe-atBwKRv-hJApemwvpGLuRk4w7l3mPZky4lQnta-Tgj4yfvcpYsElSklgOr0MjuAgLk88pKXumFGASoZsPa6srLhJIc3unLTrZcW1e-ZECRGl3oq8OsTD4Stl/pYn62K1Vval5owYwLGolJHn2C4oBgb9cZyCAUsPMyXhSLV0ALsOFQT8X-CvImDPp25kmynL4-KY7ISEfp4xpiUPh2iUcWyGZG8BjaOJ2Y-V8fLGD_iEA588ehnYP2H8n/.../supremo-3-0-2-376-multi-win.exe

http://dw.uptodown.com/dwn/2B87Mb0loiW-LbItF0em2CuHheoKmWU7eUh__RRCuZKNr8-6WUIStjh05xWPiM52A8N9JdytHCFSZr1jcdYsSKy1G_RoLIbTfMFRg-Em4C5xW6EA5oEa19icV1QmcSjI/.../

http://gsf-cf.softonic.com/d9f/bac/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3336922&instance=softonic_es&type=PROGRAM&Expires=1448502109&Signature=NFklQPGCkchFqi7XX8RBttJObZrnutVVJzPHYFhfjW2nMODp2KShQWNzXRRjmbmKcX9MIjcqWMcA0ImrkdmDg0e~T3rjxmiXCO1mgI5ukIczjSDXSucdHoMwDRFY71oXD-swQVs3YW-fP6N8P5DDROsXoIeEpyL0aW88BWNOtTA_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=Supremo.exe

http://95.141.193.17/noload2/files/.../rsload.net.Supremo.exe

Scan Supremo.exe - Powered by Reason Core Security