logonstudio_public.exe

Setup Factory Runtime

Stardock Corporation

The program is a setup application that uses the Setup Factory installer. It is installed with LogonStudio. The file has been seen being downloaded from download1501.mediafire.com and multiple other hosts.

Publisher:
Stardock Corporation  (signed and verified)

Product:
Setup Factory Runtime

Description:
Setup Application

Version:
9.1.0.0

MD5:
54adaa9208f95edc8dfc32c92befbe4c

SHA-1:
472870d85cf083ad82a98cfad3ebf19d4db6ca87

SHA-256:
ed3b3773a921e687521dc1d59413627acfe8453692fa2d5de6b3268ada1d0b77

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 10:18:58 PM UTC

File size:
9.3 MB (9,791,080 bytes)

Product version:
9.1.0.0

Copyright:
Setup Engine Copyright © 2004-2012 Indigo Rose Corporation

Trademarks:
Setup Factory is a trademark of Indigo Rose Corporation.

Original file name:
suf_launch.exe

File type:
Executable application (Win32 EXE)

Installer:
Setup Factory

Language:
English (United States)

Common path:
C:\users\{user}\downloads\logonstudio_public.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
10/4/2011 7:00:00 AM

Valid to:
10/4/2014 6:59:59 AM

Subject:
CN=Stardock Corporation, O=Stardock Corporation, STREET=15090 N Beck Rd, L=Plymouth, S=MI, PostalCode=48170, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
4C2DA30D1E210459D4C5F57BBB91964E

File PE Metadata
Compilation timestamp:
6/14/2012 11:16:10 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
196608:77+r3F6n80P6uGlm2qP052UDoyvLMsuLADzf0SokR9GMzBhJloIf:77qFRZDuP22dcLVzftoC9GMz1loIf

Entry address:
0x29E1

Entry point:
E8, A6, 1D, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 56, 57, 33, F6, BF, C8, AB, 40, 00, 83, 3C, F5, 54, A0, 40, 00, 01, 75, 1D, 8D, 04, F5, 50, A0, 40, 00, 89, 38, 68, A0, 0F, 00, 00, FF, 30, 83, C7, 18, FF, 15, C0, 70, 40, 00, 85, C0, 74, 0C, 46, 83, FE, 24, 7C, D3, 33, C0, 40, 5F, 5E, C3, 83, 24, F5, 50, A0, 40, 00, 00, 33, C0, EB, F1, 8B, FF, 53, 8B, 1D, C4, 70, 40, 00, 56, BE, 50, A0, 40, 00, 57, 8B, 3E, 85, FF, 74, 13, 83, 7E, 04, 01, 74, 0D, 57, FF, D3, 57, E8, 18, FD, FF, FF, 83, 26, 00, 59, 83, C6, 08...
 

Entropy:
7.9845  (probably packed)

Code size:
22 KB (22,528 bytes)

The file logonstudio_public.exe has been discovered within the following program.

LogonStudio  by Stardock Corporation
Publisher's description - “LogonStudio is a free program that allows users to change their Windows 7, Vista and XP logon screens. It comes with several logon screens to choose from, along with thousands that are available online from Web sites such as WinCustomize.com.”
www.stardock.com/products/logonstudio
22% remove it
 

The file logonstudio_public.exe has been seen being distributed by the following 16 URLs.
