» 414366_stp.exe
Overview
Analysis
File Details
Programs (5)
Downloads (1604)

414366_stp.exe

Yahoo! Inc.

The program is a setup application that uses the Wise Installer installer. The file has been seen being downloaded from fs36.filehippo.com and multiple other hosts.

File name:

414366_stp.exe

Publisher:

Yahoo! Inc. (signed and verified)

Description:

Yahoo! Messenger

Version:

11.5.0.0228

MD5:

16d88d109bae202f18039b686a743f40

SHA-1:

22b3ee6951572035948db22f006c3b1c94afd3e8

SHA-256:

66c980fabfb35ea599ab75a989bb2f87167eb8bd7abca105a4637d267f74b534

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/25/2024 3:47:35 PM UTC (today)

File size:

18.5 MB (19,377,536 bytes)

1997-2010 Yahoo! Inc.

File type:

Executable application (Win32 EXE)

Installer:

Wise Installer

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\414366_stp.exe

Digital Signature

Signed by:

Yahoo! Inc.

Authority:

VeriSign, Inc.

Valid from:

8/13/2009 3:00:00 AM

Valid to:

9/3/2012 2:59:59 AM

Subject:

CN=Yahoo! Inc., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Yahoo! Inc., L=Santa Clara, S=CA, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

3D7A9A7D12556AB8688CA048C60F6018

File PE Metadata

Compilation timestamp:

4/8/1999 11:24:47 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

393216:71ClcNpE+0R1/B0WLy+mOsgncINC/HEiS2V8qLayYjqQb2WsZmI1:71ClcNpeeW2ROsmPMcibVHLlfQb2WsIq

Entry address:

0x1000

Entry point:

55, 8B, EC, 81, EC, 78, 05, 00, 00, 53, 56, BE, 04, 01, 00, 00, 57, 8D, 85, 94, FD, FF, FF, 56, 33, DB, 50, 53, FF, 15, 34, 20, 40, 00, 8D, 85, 94, FD, FF, FF, 56, 50, 8D, 85, 94, FD, FF, FF, 50, FF, 15, 30, 20, 40, 00, 8B, 3D, 2C, 20, 40, 00, 53, 53, 6A, 03, 53, 6A, 01, 8D, 85, 94, FD, FF, FF, 68, 00, 00, 00, 80, 50, FF, D7, 83, F8, FF, 89, 45, FC, 0F, 84, 7B, 01, 00, 00, 8D, 85, 90, FC, FF, FF, 50, 56, FF, 15, 28, 20, 40, 00, 8D, 85, 98, FE, FF, FF, 50, 53, 8D, 85, 90, FC, FF, FF, 68, 10, 30, 40, 00, 50... 
[+]

Entropy:

7.9974

Packer / compiler:

Wise Installer Stub

Code size:

512 Bytes (512 bytes)

The file 414366_stp.exe has been discovered within the following programs.

Mozilla Firefox 12.0 (x86 en-US) by Mozilla

Firefox 12 was released on April 24, 2012. Firefox 12 introduced few new features, but it made many changes and laid the ground work for future releases. Firefox 12 for Windows added the Mozilla Maintenance Service which can update Firefox to a newer version without UAC prompt.

www.mozilla.org/firefox

10% remove it

Mozilla Firefox 19.0 (x86 en-US) by Mozilla

Firefox 19 features a built-in PDF viewer. Mozilla Firefox is a free and open source is a web browser coordinated by Mozilla Corporation and Mozilla Foundation that is a heavily localized.

www.mozilla.com/en-US

11% remove it

Mozilla Firefox 9.0.1 (x86 en-US) by Mozilla

Mozilla Firefox is a free and open source is a web browser coordinated by Mozilla Corporation and Mozilla Foundation that is a heavily localized. Firefox uses the Gecko layout engine to render web pages, which implements current and anticipated web standards.

10% remove it

Orbit Downloader by www.orbitdownloader.com

Orbit Downloader is a download manager for Windows that has the ability to grab and download embedded Flash Video files from sites like YouTube, Dailymotion, Metacafe, etc.

www.orbitdownloader.com

22% remove it

Yahoo! Messenger by Yahoo! Inc.

Yahoo! Messenger (YIM) is an ad-supported instant messaging client and protocol by Yahoo!.

messenger.yahoo.com

7% remove it

The file 414366_stp.exe has been seen being distributed by the following 50 URLs.

http://fs36.filehippo.com/8524/.../ymsgr1150_0228_us.exe