» messengersetup.exe
Overview
Analysis
File Details
Downloads (1092)

messengersetup.exe

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from www.filehorse.com and multiple other hosts.

File name:

messengersetup.exe

MD5:

967cf0e5204e309ab45510724249bc6f

SHA-1:

d25763429e705f227ed51d203838bb8c81785a5a

SHA-256:

16792d31eb61c4c8af8cbbae7f08a4379390837d4458432b1ca069b9fc5b7ff8

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/24/2024 3:32:39 PM UTC (today)

File size:

28.1 MB (29,425,536 bytes)

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Common path:

C:\users\{user}\downloads\messengersetup.exe

File PE Metadata

Compilation timestamp:

12/6/2009 12:50:52 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

786432:ug1tDlDSnC6r2Lgs3Omga5GiWbn0Ac5/kGJNdL4K2LIQJjxG:ugTdyCU+gs3Oi5G30Ac5/kG55N

Entry address:

0x30FA

Entry point:

81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 60, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B0, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 18, EC, 42, 00, E8, F1, 2B, 00, 00, A3, 64, EB, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, 8F, 42, 00, FF, 15, 58, 71, 40, 00, 68, 54, 91, 40, 00, 68, 60, E3, 42, 00, E8, A4, 28, 00, 00, FF, 15, AC, 70, 40, 00, BF, 00, 40, 43, 00, 50, 57, E8, 92, 28, 00, 00... 
[+]

Entropy:

7.9973

Packer / compiler:

Nullsoft install system v2.x

Code size:

23.5 KB (24,064 bytes)

The file messengersetup.exe has been seen being distributed by the following 50 URLs.

http://www.filehorse.com/download/file/.../

http://www.filehorse.com/download/file/.../

http://www.filehorse.com/download/file/.../

http://www.filehorse.com/download/file/.../

http://f51.x8top.net/2107tmp/cf/soft/2016/3/ba/.../messenger-for-desktop.exe

http://dw.uptodown.com/dwn/ckGicDBp093eKnbt9bFtmf1-caTd9QRr2CPIkx30wPmHlqcq2nMgmSjr6yWBHYhaXxTXTX2cBqB4uyc6sAswJzHo4cbLLX4QfIWYfnZAN1yGWj8AVf2ViKGL5R9v7kEz/txPn0_wYVIu7iVT6uv0-ub2FDpteqcZwRBxv1vAoaGqKP4wv_Esec7xdXLXEu_iQsLedE8ZGc57DlXiyrHF487m4B8zr6w7dZxib_6qsk3pB5u2L61hLixejk-PxP03d/R84k9E4HF-bbHlm6k48DudaXvcVGG0hPoxMS1zN6ZvMRwCOBHqMAnGxomW1TTPnQJurXXQH0GB4CLTj2_ui6nMQbUiqZ_iM5v-qF1l0diHuCU4PlKFRCnNENrT7PdL-9/.../

http://www.filehorse.com/download/file/.../

http://www.filehorse.com/download/file/.../

http://www.filehorse.com/download/file/.../

http://www.filehorse.com/download/file/.../

http://www.filehorse.com/download/file/.../

http://www.filehorse.com/download/file/.../

http://www.filehorse.com/download/file/.../

http://www.filehorse.com/download/file/.../

http://www.filehorse.com/download/file/.../

https://dw.uptodown.com/dwn/C61gdXiApwtnXYL0kNsLzrVmeS-pCOfQv04vVJL6Uq39qsH40kqXCR4fTomcWnvelS-QagOMEijhi3YH4Mf6oySCMyfFT3WtH-fHC8O2Wb6TLAO9MeAjZFf-eR9_WQ3l/F9OLVkEOyHwuIsnnG6tV7i8JDWLVIArVMTeDjJqBsy1uHhP5dHZuJxzpiVyzPpFzd4tKx1nA8xwJH0m4su7pHwSxFZD_Ft40pESSunFf5N724EAIZ0Uoo027l4psGJ1X/HDlmXR3wmhd5DFNzbwr2SF73Il53FFEytLIEK9mWTSvtr5_rVl0DaEVVKvhFV71JvEQjF3hfAfPZCxCU9bxBwx1gIU7e1vgAmJnVtXGKbEXdeF0mMPha-C6w4SMaRTax/.../

http://www.filehorse.com/download/file/.../

http://www.filehorse.com/download/file/.../

http://www.filehorse.com/download/file/.../

http://dw.uptodown.com/dwn/GWAW32p7YSenpaoZkHNleHiAfvOmJWI9K00x2BcvCLSBTyncMx5qEKtK40t24CysAWkvaM61vNtS8pheQ70v-HCM9s0kc30roBy6mn_mjJtcvYOiG80sAdIkPRvPOtXy/YKpQy9GxJYG0IvAdHlMa_ouph-WixX2XaB6Z-hCX5dvelYoAn0wg3nnp5ib8Bcc5ehRcMx0-AehQaMmPBLyD5-Bsg2MnODVjwPIQDjJn3vDSXocL6xBGktD5P3LuStby/u9QjI4ZvTCQNXh0qw9SpDGO2wxc1JwnvNZvYKXq5N7LPbSsJvfs0eRG_AM7Qe3CxleHvcEB8glTlgkchT7zCGSNM4WYL4LzVs2JyFvdRLdAQzDeVOSWp0oRciLcQtbpb/.../

http://www.filehorse.com/download/file/.../

http://www.filehorse.com/download/file/.../

http://www.filehorse.com/download/file/.../

http://cdndownloadpls.com/dl/?z=1051&name=Facebook Messenger&file=https://github.com/Aluxian/Facebook-Messenger-Desktop/releases/download/.../MessengerSetup.exe&vi=21

http://www.filehorse.com/download/file/.../

http://www.filehorse.com/download/file/.../

http://www.filehorse.com/download/file/.../

https://dw.uptodown.com/dwn/SgEt-c1w56MODSmNt20m4F6FnCDKyQRKOFnKeFUrd7F7ss-PETbwKLF-bpUivF9oykZZbtYWiHCq2wMNJZXH5Kd3S7-z4C8HGtDATy4Pn1qEOEzsokULEQGL0tvztHnS/o9kr07xmL3MwvDt4e0-d89Rr4HpQ7TvqiBXshvgYf6CGmusjN7VHXT2ZawVbgazyYXULYoBB1wfh2k3bx8YJD0l8mQM2s1S7gQpXepbEGhwAucnmcfwZpfdWpkUIWX56/UOTWf8rroJRH9Geai8-8jn_ZPtktIDD70K5fiwoYMk5waCJjODOY4N9le8vEOB61mxvPGpQymwXzqzVB7KFBvjKIEO_46igiC7QJWUjL2ny42XlKFYcWUaqyWtasx0Dm/.../

http://www.filehorse.com/download/file/.../

https://dw.uptodown.com/dwn/ErViioeqxx-8IFWTQXPemh3gCR3DEa-QRgfvoK3b_LC3KD8_rW33M8N8VH4_GhHmreyiWB2aTobclPxTEZEMUS55pg2jNMkpG3PXkxU-ECBj85riFfLV74jsFYbiNidk/cdUQGGDVctXPcMHE9wDldmgvWfytpvC-p9_J8a28rosl2NcTIxSYM8hElU-gihNdDmRiebx0LXJdUaqZFqZSSI-G-wzUsEXVOt4ApnshSdC_bjxWN8eO1fTAGKiBgx3I/TZibldMTy2shcyMa0ocj5Zg7fBRHLtC3Q4rL9gkSyGedi90JJXqONJoRxtnu_LhlF6VVlBrtjah542GEfThD0G9hW-hB_DeQwqDNvy-EOZLAhyk8WgwRrbDNnxvO6c0J/.../

Latest 30 of 1,092 download URLs

Scan messengersetup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.