vegaspro11.0.682_32bit.exe

Sony Windows Installer Preloader

Sony Creative Software Inc

This is a setup and installation application. It runs as a scheduled task under the Windows Task Scheduler. The file has been observed being downloaded from drive.google.com and multiple other hosts.

Publisher:
Sony Creative Software Inc.  (signed by Sony Creative Software Inc)

Product:
Sony Windows Installer Preloader

Version:
Version 5.0 (Build 50)

MD5:
42fd9547b16bbd5407106fd4f4d18d32

SHA-1:
c0c14e1bf6da1201b49682501ff46cc4d2102813

SHA-256:
ca18ee4a762ded208c1969553ebcdbe8d6c0b29b2dacab9a24977f558f409837

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/24/2024 5:27:45 PM UTC

File size:
203.1 MB (213,003,208 bytes)

Product version:
Version 5.0 (Build 50)

Copyright:
Copyright (C) 2011 Sony Creative Software Inc.

Original file name:
SETUP.EXE

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\sony vegas pro 11\vegaspro11.0.682_32bit.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
10/9/2009 9:00:00 PM

Valid to:
10/9/2012 8:59:59 PM

Subject:
CN=Sony Creative Software Inc, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Sony Creative Software Inc, L=Madison, S=Wisconsin, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
763032CE869EB50C396E26D0BF3B11F6

File PE Metadata
Compilation timestamp:
4/2/2012 12:57:02 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6291456:v57fKE9L+R2fcuAytBjeMUXORy5bk4/P/w:voo+gflAyLNUXVl/w

Entry address:
0xE8CE9

Entry point:
E8, 9F, A3, 00, 00, E9, 78, FE, FF, FF, 6A, 10, 68, C0, 57, 87, 00, E8, B1, 64, 00, 00, 33, C0, 8B, 5D, 08, 33, FF, 3B, DF, 0F, 95, C0, 3B, C7, 75, 1D, E8, 28, 39, 00, 00, C7, 00, 16, 00, 00, 00, 57, 57, 57, 57, 57, E8, 95, 38, 00, 00, 83, C4, 14, 83, C8, FF, EB, 53, 83, 3D, 9C, 95, 94, 00, 03, 75, 38, 6A, 04, E8, 15, 7A, 00, 00, 59, 89, 7D, FC, 53, E8, 39, 7B, 00, 00, 59, 89, 45, E0, 3B, C7, 74, 0B, 8B, 73, FC, 83, EE, 09, 89, 75, E4, EB, 03, 8B, 75, E4, C7, 45, FC, FE, FF, FF, FF, E8, 25, 00, 00, 00, 39...
 
Code size:
2.6 MB (2,776,064 bytes)

Scheduled Task
Task name:
{C54AF960-17B1-404D-8CBC-6F515BEDEE06}

Trigger:
Registration (Runs on registration)


The file vegaspro11.0.682_32bit.exe has been seen being distributed by 39 URLs.

Scan vegaspro11.0.682_32bit.exe - Powered by Reason Core Security