» 2179276_stp.exe
Overview
Analysis
File Details
Programs (1)
Downloads (369)

2179276_stp.exe

Windows Essentials

Microsoft Corporation

This is a setup and installation application. This is installed with Windows Live Essentials. The file has been seen being downloaded from www.hostingnowgift.com and multiple other hosts.

File name:

2179276_stp.exe

Publisher:

Microsoft Corporation (signed and verified)

Product:

Windows Essentials

Description:

Windows Essentials-Installationsprogramm

Version:

16.4.3508.0205

MD5:

f54f6cd543e41665b8b7f875ebd706e4

SHA-1:

022d3a4f14a9cab8398070bd060eeec2307f7330

SHA-256:

3a15311b4dba50f374493c29f45ba6248f732237b619ef6f6d2e93aa6d2f8953

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)
Whitelisted (by digital signature)

Analysis date:

4/19/2024 11:22:15 AM UTC (today)

File size:

136 MB (142,602,520 bytes)

Product version:

16.4.3508.0205

Original file name:

wlsres.dll.mui

File type:

Executable application (Win32 EXE)

Language:

Allemand

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\2179276_stp.exe

Digital Signature

Signed by:

Microsoft Corporation

Authority:

Microsoft Corporation

Valid from:

1/24/2013 11:33:39 PM

Valid to:

4/25/2014 12:33:39 AM

Subject:

CN=Microsoft Corporation, OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:

CN=Microsoft Code Signing PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:

33000000B011AF0A8BD03B9FDD0001000000B0

File PE Metadata

Compilation timestamp:

2/6/2013 7:38:56 AM

OS version:

6.2

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

3145728:+NejBtLiuDGK7O4yajH8rjhSa8d2S4UQrGxmD9Sq3jXQd:LtLisM4yarOnPYcS7

Entry address:

0x36596

Entry point:

E8, D8, 43, 00, 00, E9, 81, FE, FF, FF, CC, CC, CC, CC, CC, 6A, 0C, 68, 18, C4, 4D, 00, E8, 1F, 46, 00, 00, 83, 65, E4, 00, 8B, 5D, 0C, 8B, C3, 8B, 7D, 10, 0F, AF, C7, 8B, 75, 08, 03, F0, 89, 75, 08, 83, 65, FC, 00, 4F, 89, 7D, 10, 78, 0C, 2B, F3, 89, 75, 08, 8B, CE, FF, 55, 14, EB, EE, 33, C0, 40, 89, 45, E4, C7, 45, FC, FE, FF, FF, FF, E8, 14, 00, 00, 00, E8, 20, 46, 00, 00, C2, 10, 00, 8B, 7D, 10, 8B, 5D, 0C, 8B, 75, 08, 8B, 45, E4, 85, C0, 75, 0B, FF, 75, 14, 57, 53, 56, E8, 06, 00, 00, 00, C3, CC, CC... 
[+]

Code size:

925 KB (947,200 bytes)

The file 2179276_stp.exe has been discovered within the following program.

Windows Live Essentials by Microsoft Corporation

Windows Live Essentials is a suite of freeware applications by Microsoft that aims to offer integrated and bundled e-mail, instant messaging, photo-sharing, blog publishing, and security services.

explore.live.com/windows-live-essentials

10% remove it

The file 2179276_stp.exe has been seen being distributed by the following 50 URLs.

http://www.hostingnowgift.com/IWjxZINpZoy3affAtsVQVMWRXNcrv lPQB 7i 47t JCuD_kAnOn5Kg iwWLkvJDiOiHqGCklii 5Gsg8qoLxh4OEHhWC6qJ 2iZRInSR3GQIin2_njV19tWuKbtvrmPMyt9O7063nzUPxL5BzV7lj21scmtUarHgxFm4T0khY0u46gx2z9ESdEkGShRDQC4e1kH1fzd7I9qYglOeBGT5n156TGeBA==-Ow==

http://www.factorycapitaltowers.com/vaaCZMXBe2vLVLO_pP51Gnr1FuxmtMu1ms7IoAFrQmajqdA488m73v86EdAZ6CbpjEAq0vghNSl9xUTAq03Y6MHOKJzCSwRKv9FsoF7T8RrhAxMfRuiFeUciwnHtijYIJ pQQMgBlu ojffdPzoO0QIoG3hsuswmgfPThQEfPUO2BN4MGD9xCp8yHkhxKrcHzXUehpjc-Ow==

http://www.bundlerepositorycontent.com/Q63lFTlMwBug hgkWLx qMCkU0w2oEwSniBytlmiFSpkUhv apzJoz3AAYZBLzjFnJmy_7h8WtBdRQEMdbbAB6lZHqkFBz1L82AzXbOJX2AoC7nxw5U2omn7 iyYaE3AdsTUGPUmAQa9s4IFzB7XbAwiuxxNbsdo xu jgBEd0pBdiQiPq8PJcX8evwnQUToDrypfjICMIgVKDBrLeXqIGDjJ4PiQw==-Ow==

http://www.bundlerepositorycontent.com/QU576ccK7wcUCSgy8TFAVlvg9x6N08Vq0Vji4JOhDSg6ckxTTd 1BO6p17m0axcKvCnxYDY6vcc9THrz1YryFkku2KOQKB_9obWHHm_XIUcBZYCdj4rob2G3KDtWcLJbDZwcCdvJ0rdxcztGRuSa7ILD1wYkNnb16PuHw23dKUQwedStn5D5i2C8WMyicFaxrnRUwAX2EJLA92oWC_Yz2xG 66pQ1w==-Ow==

http://www.signupdatecenter.com/sDCtkFzfKuNf2yT1xLjxPVvAGJz2BrARHzy_Rkhh6CM5 HSyXiJz61NVlmqSxqTR3fLlqIXtlClfgupRnEbnfEjCkD2SWu954U EQ4ujjtftMyL_SUX_bQWQEB1hRLoF8NM1QaXPgE7le4qV77pbGaC6UAARxrcOohzxnRbdpRoITyzNQF6KYbDdX94 uNJFjdLW8iTz-Ow==

http://www.bundlerepositorycontent.com/NtqcVncfewIg1y4DmBrW8aPsD3JGlS8P4v2wIiZjWNufmxyFt x77WUORsa_5QwIfZ_Dqf3EONEMKDRJFYZQY4fzKgpU C2fso8TiBStdzM1UFGYq706aZOLlJPC3C4BsrwtqcEkbOnHQ Ue4GR12OEchdXeZUKdNly6zN0fez2CDNJnrAniF3Gp98h008E627lGjHs2ugkGiOe1H6eeyhjDyiNnrQ==-Ow==

http://www.bundlerepositorycontent.com/KQVM9sbQWqJ3SnlKvEQ9pnAbuqn0QAUNAIQzMaEXwC076DFIXBNn25T3YIbqqQmXmf8MnWMs MIka5PQXsU9qtR i6 HAmiYFx97xuyAV2EqfMQlQdUFLIbd30tw5V2ftHQT8eLsCOrjAuhaL5om_mYgDMf70f8 5jm0SAENTzSf3Oaih9CJDg9BCHvmPJFDhiCAzsxvxkKtO8dfT Jv73lNVBDiA==-Ow==

http://www.bundlerepositorycontent.com/DCR49oAYRPmR2xr5C7_62sUgavEEmN8wGwMTwY7tEDW0oP4BhivG bQc8pRdka0jFgL4dcO6w7meeHR8 NBLJh21qX3oDhpnduMMvudZ6GASBm0Gdnb_HgOzOdWcBaVgQ8aAF6QNILgN9c_9xwKvf6TIPon 8Rcs3VBbNROPGk5BZXH1jRuyV1fnicxhaoKXtxhi0fHQWpCEsu1B15QvmNxakx596g==-Ow==

http://www.bundlerepositorycontent.com/tn7mBXl0evY7zAWs04LlEiKbg5OGNRLWf1ny2IHH7TtO4eMFUogq4gw4eVG5MLFNfSmcqHsuQsF0rEtStOPPzdNAOcZeVbyNTxS3aXvQKlXVKypTKnOjRlxDYaGNfxsRKdvHcB1vZ EUMtVaZOu2D6JsC3dJaqnxu_n4HWFmE7I_nOJcUEvJFB6FRbguT06 W5kjgrFF0Wjuu05esBfppzu2q93Ejg==-Ow==

http://www.cyclecleanpresent.com/vZbRpBrjDhbJf LhoEY3m2YLXRHeGEqZ3Pc1LK9iuXb qaVwqsJ2mWQB3e9oDAxCTLU29HkNmRuD9AQWG8Lr28Wgx8fKsL5 jmwRe_GRiWlEahK6qQOI1yQgGC7K0ox_UfNonE7p0mDltMhfsqdtgoDfHQNFpyvgGU_M_hBmCG7xEX3bjo1 kP4TSB9zEGS9s6sLUij6-Ow==

http://www.cyclecleanpresent.com/VSR8r2HDXOK6CCc2feq3_F2tp7wrJryb9DGSV6wln1UbzDYLd6wkG8_silkFEOylUjNT1sO2QndYkV0laa3HYfoZxd FScABUNV2YhzZpmagJLB4RIm11u01EnRTI0sy6MeZuCrt1mPCOHDAEdH O_NQEQ28gZSIXXgnpbdUhRZ KCRJe3AF094lRd2CRlz9XU6VTd0-Ow==

http://www.bundlerepositorycontent.com/ErUkDqblPOsHuRlWLZsk8n9hAhU2__sTTP_zhiXHqEdjZDhSj_VYg8fzhH3kn34J1QlP39b0EcpkR3Xu7DWc1d9sbwpiB_U4YYVVpNlzrDkUhm069DFJqrK85OySR_lyDPNVVFXuPfIYK TlmdmvpYQJnzcfRVAdstUcjCoH92CVeSOVX55Wz3j_ kC8Goon8OCzWm6haF2KxW oJTNcovT5AhgMOA==-Ow==

http://www.currentshareflash.com/TC1nwcnRU0xl4ZWJ1HR_EGkf4C4YYFZd2ZugTjyY5iyAsBrZVyfLX9pyxUpUq_VZDZZ1m056gUbxTFnTJ_YwGpZ9rFfXdteqwKBvaEG_Y3bsBVyiuhtlhQyFM_HwlStGBGfpvLOXNzElLv6yz1Q m_J booUHsp3Cn4mty4YmRluiw2PMtuIOVR9pUbfQc8f_iEA2Dia-Ow==

http://www.bundlerepositorycontent.com/juSUCUMQw_ 50_oujc5NZCocEWWreYzTXi7_a9gt8Wy4YwrakC iRgsRhsToRmvNCQktXFej65XuxqiEK2KMpxIt0nqmSaKowq jMA04m7AR3nEiihUpqxNq9xAa1BK2UhyeEmW2qxfTkFjS3YSAymyVBhhzIz4X2iKJ1T2VmggQ2nIxN_CylV4nbY4JL5gmNVyrPqzIoR GkTqh5VZ21eh2E7XWw==-Ow==

http://www.bundlerepositorycontent.com/PNmeSkc_p4uA7L qAw5XlgozY SZDizRk u2Zst7wN9u4SRMgxZv11jLZry45QSnMU12Y3SuTifHAj9IPGswxLL2B1xMtRPmGcv7Xis0k4giEOqeNENioGSRu_P REXaBtoiGrblP_K1rh2wB6FEFO5ERcsBqSkFJppt0AgsjTEh1M l2wSrlRsJLlbre4 0TmRJfTz502HfhSUcu0ghj7Cf0HyKgg==-Ow==

http://www.bundlerepositorycontent.com/ofqU aVBZgp2wDf91dpaXweUfnWdTaaHVRCwAK0E2xKn6mgbznGWNeYne7M4eEvjZKGMYcRX6W2BD0zYPkUVqAJSjLza9ZaKA7ZsW87Ab6NJoy0nU4pc FVfHuAD65Ch3tMetUOMTW9zTucRgXH5kpMVyF8DJ6KZv8IPM8M7Ahjhn5Gueu8zffhqiByBI4RKZifUpjUPsZI fbqwaOPMziXuG36KQ==-Ow==

http://www.ranchcentervault.com/zjsOeROgHb7_RwJ0bwBzaarkhBJpPC7GZzUkOBhjTK74unAjYgBJ49ByHHAdObAHgW_ue2 7l1OtNjxOJNudsfQYpJ74Rl9vqSmGkxtTxmPSZqnA2AcjoDyjtIsmbL5SIVgu2N1Jn lJCWknk12UpAtQAquhYvEuL6Mq1C3LYeNrXZS2HJGnP6KQRrinuBeiBR Cl64G-Ow==

http://www.bundlerepositorycontent.com/skOD4JBNg_XWOsqswou3VwmYym1KHKZwqorCXapum8kTE8aZjwrvCdW3y1tr4nh4AiQOv8fSjtl9ZQs0cVR9pmdxwqc79WKtwd7IrExKZzuCQNLIfc3hJB7_RbgTYjFKcGC4DZZ5fuFyNpxWpURx21_q0k0j6x qF0QBaZvm5VvaLuWWhNksVEncU9 wuBx YTgxlYfUFB20PLXq7ItOmbar431gdw==-Ow==

http://www.bulkpresentclean.com/yk3hIlgDPXfDgzjpogvV5Y_j_gwEk4jnqm9N3MGER_ z2_NMScy9MobFUu1RuHOC_WnsQU63Slfq_gpPOspA_ap0Lhs4J1AJCKhui Ip5l88lx0EywAo3FrhIkAvJvvHU6IRU4LW0MzoXpuz0LZMFuW07O__Zl_JWDEERcu5AiHCDCRvhLFy10ccd7 h2vpdvNEMN3Xk-Ow==

http://www.applicationsbundlescity.com/J5JUDQtwOsrS2zwTz3u PWTrHX7KutXojcEIn_A U3vnYic3ZaRmWgpX0qumcB0AFtUwrdX3V9TCzDR2a2szjWISJybT0m96pB1f5r8_VL0_izWMz7Sq3CFSnXns99sVrU NP1Z iXnPgarLeaTTwAjs20lWXT3Y5IEv36o9FZB3_A6yzKDaU2sLvu57_guNxFwJlBKHbvpB1mY7igvR egtwqPkxg==-Ow==

http://www.bundlerepositorycontent.com/fwMazQZRW5wIoODw8mB vlpJSJVZgCV6ldZrwNWe XigzIQg1HoE Ms8CtVogTKfIuhbieFgW5OeqZHIFzm7DboI5BYjk2YxUkCxuVF_6LUEtLmx4J5rR1eqr20ZkW9Ynu3k5krwzYP1jzOh_rTCot2tQi4CGioNlJFJdkYmTwO36hHwGX8GsqI6uPhloPp8MscE3uqbTxtIE5AI4s9Eau6AfT7CBw==-Ow==

http://www.applicationsbundlescity.com/JvZQWsN1hOGd43DgoTCK6ZC5sYftO7pXS8T1Nz8RR6lCVtTT1uGlSvsTy9rTU67tM4XS5hHDFlujAVHs4AEINDZyFyjMWkvoN4tPil3yRK3RykBf9 IswPQVmMa_irtyx89Cv4jpLheW zZwIkcUIxbPcFJakZVrU7XxAI724xx5CRjsuhFKL L_KgxMEgD4bkbs QWHioOH3x7lIFY8BaD1YdlivQ==-Ow==

http://www.factorycapitaltowers.com/lB575rgPiaXlSzvNTxKZk8NcHg7MsQSe4Bb9PZ50OUFCg6_ot1hp9Ti8PlHC7aOZwcle8uVUf_KGNpPxpM4dQLzJu6o1omc2MwqFmiJ1Md2kN69sV txe0NEkJCuRrztz33y1bO4ehIu aE6o gI9QMY4oR3QcCGkVw2GXIeBNTeAOzBXDRqkd3bhmy7LjI cGoob6cm-Ow==

http://www.bundlerepositorycontent.com/CPGRawib2bmaP_0RitCM1HSo TnNu6li8N4Jbp55gOAgQIRYkvKufLJ5xKZMykTd8hAnhgIbyc80d2_wu8_tBe89tCfYqR72swvFSrxpEsH4M9wbC mZmNshvNNJI_2KuYRbezWk10mU5q0AhfRdCg4Kv25DB6gsy34jqQvehtzTJJ_EiKM4QXPV7Lym1_Ay6dB2duLh89ocnepVM_8vLzbWeRhBwA==-Ow==

http://www.bundlerepositorycontent.com/ScUcpZ9m_dhdfdHV7z_W5QQli55t2TFYrAWWsEE0lRSkrjl3H3ZsWRQx01BZHbBmhzJubcZt1t8_Lo5L0YAS0kXZJzB5G2rfClFXAt606X1tq2ezjTyYWM0SQO1eSC36I92xF2cFz3sb2rBJXU1 G84BNvjbxuec2Nre8aj6D 7njP7W0w9pJJNvSWcD_Zq4ZoeecezBLNfTHm_8L4y8HXPsOlyh_Q==-Ow==

http://www.bundlerepositorycontent.com/mUeotf7XVT7XrdRiNBMTK6MoDgXdhtorjXMOogpuX7n1JAj3HWIc5hqc0IL_ nRsnN 2LJNN5LQW8FM9jXjH4YIX7UVv4w8pQHyTU5jmsFOXX1OIQtCYn2WXF3 rTuptrzn5pcf9ls4kwaoM Ox1IQ 0YjtgqvDU_HPh_pmPYcqNXJBgEzsFPoFzXiWSMs7S6Cf4cyg51Pj2lbE01FMRvQ6O3EN_A==-Ow==

http://www.bundlerepositorycontent.com/XCjsQQng7IN6dQRKmKkAJsu7yzaAIXfk91mrf06Ionq3wIgCYKegKaV7uGYHSnY0wOVyGaDDNguMnzkNaWaT5jg PVYcUMn07Rh9EOHrUUJaKSco27Dao9rSSaKcaFFjhO57UjfkutaEpN54LCDj8aSxJuJ WsQdxpcsfvMytoukXXWRxaineCACsWX7RkGO2U fcbfT3PVgyvqC_unIH99EfntWiA==-Ow==

http://www.bundlerepositorycontent.com/QmqwTzDkbJhOu2t9Mm8IkTzY92WVc0t9adug71Z7z_WvJ50C rL2JUk3hJeDcgE6Kq0exCesbjcRSUa OoDrZbkGIsgV0xwl pDyA__tJURktZrDpPrgFH73CQyByu0Hcqo177xceTC82hWADmBivkTMDtyYKD14yT8aSasXSVzymgGpyVisVT7eGUkHyscStHDxUmkOvecm6uwKc6hhm3XUYLeYbw==-Ow==

http://www.bundlerepositorycontent.com/TtHbjFPkMNpvNtCfthR50LoZQISSsSOPY02h02vtKmcV7gQss5LEGgP2QggPxIlIYz1b6LogR54Z3TlHVHZ3mXTxwEDrSHeobAI_5pze2i2M3yD3TrVu EGS6Bs1jPtPx8zby3DE o7XhI5NEIqTtXXePzKIjXRjqbiS0vxvw1zhJjUF4eEcR5epCGm9MHcX0YdsPBQj3a6LQeCIoUMFednIolTYQ==-Ow==

http://www.bundlerepositorycontent.com/h69e5 rldnh9Np6Dq_qbqEZeDd_3A6QrU9UD2vG5gOLd0_3Fh8AcfXZ_18pYccNpx_win0c5cgCuc14IyeWFv3eGOIWRd BxSQh7D8XdC8grpEeW SRJrosPvdIx1dU6UXT3wPACL8fRtQODmAC5BC5_9UTgmIEPLuH_3ug_eniF2sHz1zNMZlLhR_AE0D5xJ75nXJ OQ4hXkB2zhg4ZlUT8c9aDow==-Ow==

Latest 30 of 369 download URLs

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.