home

vststubsetup.exe

Swift Funnel

The executable vststubsetup.exe has been detected as malware by 1 anti-virus scanner. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software.
Publisher:
Swift Funnel  (signed and verified)

MD5:
e10b4c9f1eec35a434fcd012fbef0ce2

SHA-1:
2d0734f6292415bc8d987acaba4babb3eda6261c

SHA-256:
2b199210b95f7560748bf8ed0b7c34087f2caa9304a32e9674e4cd8a9cf1c64f

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
12/26/2024 12:30:13 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
16.8.19.3

File size:
62.2 KB (63,648 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\0bae172d_stp\vststubsetup.exe

Digital Signature
Signed by:
Swift Funnel

Authority:
DigiCert Inc

Valid from:
11/7/2014 1:00:00 AM

Valid to:
11/12/2015 1:00:00 PM

Subject:
CN=Swift Funnel, O=Swift Funnel, L=Tel Aviv, S=HaMerkaz, C=IL

Issuer:
CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
072179ADE075666A3E388FF74BDA35D9

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
1536:a6Kqd1sfZJHL3vHj+1eKyCm79mDwNr6WBJlPIctPEW:l1oPrfHjJr79meJJRtPb

Entry address:
0xD078

Entry point:
55, 8B, EC, 83, C4, F0, B8, 28, D0, 40, 00, E8, F8, 78, FF, FF, 68, B0, D0, 40, 00, 6A, 00, 6A, 00, 6A, 00, 33, C9, BA, C8, D0, 40, 00, 33, C0, E8, EF, AE, FF, FF, E8, 4E, 69, FF, FF, 00, 00, FF, FF, FF, FF, 0C, 00, 00, 00, 50, 69, 77, 7A, 63, 74, 65, 60, 2E, 5F, 2C, 66, 00, 00, 00, 00, FF, FF, FF, FF, 16, 00, 00, 00, 2D, 31, 30, 2C, 2A, 72, 60, 2D, 31, 2C, 60, 68, 79, 2B, 51, 2C, 67, 6B, 62, 44, 2E, 7A, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
48.5 KB (49,664 bytes)

Remove vststubsetup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.