home

8615171_stp.exe

PowerPoint Slide Show Converter

DzSoft Ltd

This is a setup and installation application. The file has been seen being downloaded from dw.uptodown.com and multiple other hosts.
Publisher:
DzSoft Ltd (www.dzsoft.com)   (signed by DzSoft Ltd)

Product:
PowerPoint Slide Show Converter

Description:
PowerPoint Slide Show Converter Setup

Version:
3.2.4.1

MD5:
33f34836904c5479fea23a4431f5c96d

SHA-1:
f9f5c9a1d4d724db5193c37bce1d60dccc314ae0

SHA-256:
f04d17e6f37dcb56c889e3f628a82d42a64bb499eea9593bbe1e22e7908cb58c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 7:24:41 AM UTC  (today)

File size:
4.6 MB (4,791,504 bytes)

Product version:
3.2.4

Copyright:
Copyright © 2002–2013 DzSoft Ltd. All rights reserved.

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\8615171_stp.exe

Digital Signature
Signed by:
DzSoft Ltd

Authority:
The USERTRUST Network

Valid from:
5/11/2011 8:00:00 PM

Valid to:
5/11/2014 7:59:59 PM

Subject:
CN=DzSoft Ltd, O=DzSoft Ltd, STREET="Gogolya, 12/21, k.9", L=Kremenchuk, S=Poltavska oblast, PostalCode=39605, C=UA

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
0085D243616CDC4EF591F7541D58CA39AE

File PE Metadata
Compilation timestamp:
1/30/2013 10:21:56 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:Wv5b19YNA+BgByFXAeuyEfSu5mGC9GSJZ1zXXLJ39PI:WvxKFwexugGtg7zXw

Entry address:
0x113BC

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, 2C, 00, 41, 00, E8, E8, 51, FF, FF, 33, C0, 55, 68, 9E, 1A, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 5A, 1A, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, 5B, 41, 00, E8, 16, D8, FF, FF, E8, 65, D3, FF, FF, 80, 3D, DC, 2A, 41, 00, 00, 74, 0C, E8, 2B, D9, FF, FF, 33, C0, E8, 80, 32, FF, FF, 8D, 55, EC, 33, C0, E8, E2, A3, FF, FF, 8B, 55, EC, B8, 50, 86...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
63.5 KB (65,024 bytes)

The file 8615171_stp.exe has been seen being distributed by the following 8 URLs.

http://dw.uptodown.com/dwn/tTkd1xry-H7CjvlPCfU1Ah4fktXHRqLm46WJZJe1640cBOHFMtVuO51ILsHQs4qB2QydXQxqjTEJz5JylNeJ3sdwxEQaHdsstpYM2Z0rhhgUoFkwKNGjgx3puHmsAyCI/fcQm68lLn5j8Sl9wBSjt2P4pyKcXst1htuaUSUiBK5Se3zmGRKMxfVYTq55mLD1y7f4tM-GL0ZZ7_KghZSMWoSo27R8Jp2cPDUeB7q3gb-j8WxNFDNH0i6qZJ_SXzNP3/wh5Jr6T5aycUGRA9LMysXncCi5fO_TXjJ3LwqU0sIWB6kxBzPD24elqWT9mkTUEcKu6f9dOL8DNILc_BlNHbHt5K023YwK1A1M2Nt1iEWB0Njjqt7v4AL14rKXejOJKA/.../

http://dw.uptodown.com/dwn/6HHCQRvdlS_QbkaHtFaiJ51LLq-3k4E2COri9KJr2JX1pRUcHd8tPHmE6kz8A6zWT9OOZeHyYsVPPrl9r1VlnQtZlKGBym1LalBLMrVBF1aprq5AcuYlTl6-ajJfVOX3/5OKwo7Bs3qyZ6mfU4Sc0t2tHd-hAiHQ07lnxo-Y7h0qT0ZwwnAdYbRY52SXTSXEZpFcF9YkR8SgStKWDr93u346gnJ_QWCT_OpGAfVqinZZBiG-uSM25KZx4NqinVDsb/UNTpG0SDPPm-24MZrmKfBSYWzR43a6a5oK1ZRud1fCsQ6oy5L2l7L10WZbk1WVQsZUfkHib97735LYzTuMF0PYA4A6fcmMXpxbWLInDQ6eD8JZTUbPlVBm_VeUiz_cnY/.../

https://dw.uptodown.com/dwn/4Nd3sE-KUkJPZ89ndn8MsinzwGWbuAgVDn0RmKSaTD40N6lUqBP1v3ZjvYO2LVSLABRQpa4lnxja8aAeTmWWv1ZAe9rJ9oJgkYRyM1kDyj2Vi6NETzzdip2QiiorP6qi/8xusorBk_Z2lYWtnloYF7bLRG28QrkK72nGdnBjl7jbGyILMF1MniVC9jQLkRNhRo-OXXyUMoKXXKQPCxuI6_A1B3-7tc6hri7FYOqbs0-NOVX0ugJz1vk3hURGRXY3P/pbfZZ31jirywSFYJT7J7tHqZmOsZmFQFWdlfmx2eorh4NJVDZ2FATzOR1awdSyoWsY-wV91y74kt7-OqHtiaUnn088XWevCro3BTubRKMVQW76YJ0FO2EpZPgdyfumd6/.../

http://dw7.uptodown.com/dwn/8cUaAJgzon-Os68NiQ9uV108OwhbzvSaRtF_i0dE5087AwM1BWPOkeKteaLoGw8Z65ZFYut1LbtFxiqAUzcAhUnoHQ-wiXMaQ3rGF3e34gf_EM7cN0L-iQNHMPz_i10i/flp2xkNUdQMkPlqGxl7azPwQvWra25vqc-hcUewqhl9xuM49nVxmtXIfi1tm4-vUF0paOR0hwNvydsav7UTdTw5lWqCycEP78RMDzxDRSxsrunyUPE1yA_SJJjOnmYdT/M8foZz_o_UhifFUiBCrPsc4cptu3LtEgIC2J9JkW5mxM-nHL53XQvY8k2XbZmXp_WD7oPbONfYCgNl4W10wvRtmkhT72fR7JdeqYretqYVwMUe3rBc4UcgkidWfyXOXk/.../powerpoint-slide-show-converter-3-2-4-1-es-en-win.exe

https://dw.uptodown.com/dwn/p6reln79gHEgsfTnLL_rU25YEOHl00QzYGkb0Kwewbqyw9CWZXeyIXuCZFNsP1ljiLRAvjv8mszMeRLGTCuzClKBJ5s5CCUqvgd-5H32M6gU6QmltkU6cvq-NtVBKT4w/TYqaCk-PMqFbrIgllOwA7jnuaYQjOykEciNpNAsclroaj4-8HdL-W6dPwTkVoiGjVkmoprECAihTGxYs8zxsl4LESldqwap_VPYVQNNLRQdwXy6Pd-2sl7U0sOrOq1y0/MiK7VQVbXwvrbQ3_BLGdA1j-G1R_vUQYYXNZWf0NZtz_lwNIBVxLUP3IanxV5PVrGYKsH7mTNA_GRfiX1l10eaGRfc1KIfCDVuAM1kh60fGy7ul_9bDd6UhB8k8AqwZ4/.../

http://www.dzsoft.com/.../ppconv3241.exe

http://www.dzsoft.com/.../ppconv31.exe

http://www.commentcamarche.net/download/.../telecharger-34061187-powerpoint-slide-show-converter

Scan 8615171_stp.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.