15660926_stp.exe

Rufus

akeo.ie - Open Source Developer

This is a setup program used to install the application. The file has been observed being downloaded from gsf-cf.softonic.com and multiple other hosts.

Publisher:
akeo.ie (signed by akeo.ie - Open Source Developer)

Product:
Rufus

Version:
1.0.6.109

MD5:
b250595570a1929652286779ed539781

SHA-1:
bb4d27ac39d86de0b31c88202cde3ce4e9bd8723

SHA-256:
204e296bec92df44ebb77ffc794740946c5678460abd7399c8198bc867027627

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 3:18:06 PM UTC

File size:
347.7 KB (356,088 bytes)

Product version:
1.0.6.109

Copyright:
© 2011 Pete Batard (GPL v3)

Trademarks:
http://www.gnu.org/copyleft/gpl.html

Original file name:
rufus.exe

File type:
Executable application (Win32 EXE)

Language:
English

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\15660926_stp.exe

Digital Signature

Authority:
Unizeto Technologies S.A.

Valid from:
10/26/2011 8:53:53 AM

Valid to:
10/25/2012 8:53:53 AM

Subject:
E=pete@akeo.ie, CN=Pete Batard - Open Source Developer, O=akeo.ie - Open Source Developer, C=IE

Issuer:
CN=Certum Level III CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL

Serial number:
61E83989EE31F05EFE07FF70C623059D

File PE Metadata

Compilation timestamp:
1/3/2012 1:51:13 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.21

CTPH (ssdeep):
6144:jZHkXwA1Vt6v3XVsCJemqdsMTGl52pNy3m9w3BTaasdcSX1mT2Wrxw/q/:RUtEnVsComD5scpBTZsdcSF6i/w

Entry address:
0x911D0

Entry point:
60, BE, 15, 10, 44, 00, 8D, BE, EB, FF, FB, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89...
Packer / compiler:
UPX 2.90 [LZMA]

Code size:
324 KB (331,776 bytes)

The file 15660926_stp.exe has been observed being distributed from the following 12 URLs.

http://gsf-cf.softonic.com/bb4/d27/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3335911&instance=softonic_en&type=PROGRAM&Expires=1478772512&Signature=ZJhvRWp0nnvCr9hKE4W1aHXzmu4ROV0NAD9cy5g5~z5jcdBcHtW68hAKw4GpG9pAlMIO9aDpqr76eJwBxewKc3HMhI9L4triF~OCfHvFmlgIr6CaVN5gWXn15h0O7DraId2lOuhgwrqyyyLTT88jURtHhglwu7zoTutJJq1CyS4_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=rufus_v1.0.6f.exe

http://gsf-cf.softonic.com/bb4/d27/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3335911&instance=softonic_en&type=PROGRAM&Expires=1475054702&Signature=SGf~lSX0m0t6HQqeR6WA3RDM6IRbCYKXLaKwL8upoVxt2CLn8VGLCZt8u~Zt6to5uveYgq7lBI6MHIeNoh-Qyt03cH4sBXI1Tu4keNPXzGkN-4L4Eg5OevL~jWOBs92j4EPbRwtkyPhJAcIba-cyIxmh5~-CR8VKNuJ1~YvCPyY_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=rufus_v1.0.6f.exe

http://gsf-cf.softonic.com/bb4/d27/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3335911&instance=softonic_en&type=PROGRAM&Expires=1477882228&Signature=HekHQqKZ5mNkb0yqf4Ut7z0gj5cnKFE~Bsqfg-rdTKBXoe2trAmih~NpI-sPg2NygWsOcQWbjkSNv8H9z9GQ4t3nL2DZwHQbveAsl3HXUf7E8WI7XmvdiOVUtj-WaRsMyWykYIHiY5wEOU1qbTqOR6OaPHRQzbfDazkpqfiuFmw_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=rufus_v1.0.6f.exe

Scan 15660926_stp.exe - Powered by Reason Core Security