148525_stp.exe

Adobe Reader Installer

Adobe Systems Incorporated

This is a setup and installation application. The file has been seen being downloaded from aihdownload.adobe.com and multiple other hosts.
Publisher:
Solid State Networks  (signed by Adobe Systems Incorporated)

Product:
Adobe Reader Installer

Version:
3.3.9.0

MD5:
d720b11e0fcd829361087eaffa641df9

SHA-1:
2f8a8f71561203cc4c5c84e15c72aafdf431576b

SHA-256:
cba7ae5ed4568d66baf20395300c91816a32d2cd6950f32d74e3e120d9165f7a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/19/2024 8:13:02 AM UTC

File size:
1 MB (1,071,568 bytes)

Product version:
3.3.9.0

Copyright:
Copyright (C) Adobe Systems Incorporated

Original file name:
host.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\148525_stp.exe

Digital Signature
Authority:
Symantec Corporation

Valid from:
7/30/2013 2:00:00 AM

Valid to:
7/26/2015 1:59:59 AM

Subject:
CN=Adobe Systems Incorporated, OU=CS Production, O=Adobe Systems Incorporated, L=San Jose, S=California, C=US, SERIALNUMBER=2748129, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US

Issuer:
CN=Symantec Class 3 Extended Validation Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
4272E5D73E43628B1CF3F7F2D5F54BAD

File PE Metadata
Compilation timestamp:
6/24/2013 9:22:53 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:kdSA+DTHZ+qh5Ql4LCev4wwZvCIH5pdRVzzHujfFGTyj:kdSP5+qh5xNgTCEPV/H2fs+

Entry address:
0x73050

Entry point:
60, BE, 00, 60, 44, 00, 8D, BE, 00, B0, FB, FF, 57, EB, 0B, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89, C5, EB, 0B, 01, DB, 75, 07, 8B...

Entropy:
7.9787

Packer / compiler:
UPX v0.89.6 - v1.02 / v1.05 - v1.24

Code size:
184 KB (188,416 bytes)

The file 148525_stp.exe has been discovered within the following program.

360Amigo is a registry optimizer. 360Amigo System Speedup bundles a branded version of the Conduit Toolbar, designed to deliver search-based advertising and results. During installation, the user is in some cases presented with the option to install the toolbar (on by default).
www.360amigo.com
53% remove it
 
Powered by Should I Remove It?

The file 148525_stp.exe has been seen being distributed by the following 37 URLs.