home

msgr11us.exe

Yahoo! Messenger

This is a setup program which is used to install the application. The file has been seen being downloaded from yahoo-messenger.1800download.com.
Product:
Yahoo! Messenger

Version:
1.0.0.0

MD5:
c0572a65d12b05b5835d87525838c412

SHA-1:
60302e3cdb59d3a151d9511f953a535fd2a60598

SHA-256:
bf2a15ca25f16e48977702fdd25ece98292790bae9883e2b49eb2b5728fea780

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 1:34:30 PM UTC  (today)

File size:
491.7 KB (503,464 bytes)

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\msgr11us.exe

File PE Metadata
Compilation timestamp:
5/20/2013 2:53:00 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:z4uqWSpd5A8zJTmoOG0Y7afUW84T12U0PHTeqpqUG6uUG0Y:3qWSfz8RRYOUWd12U0PH6cG6uU+

Entry address:
0x331C

Entry point:
C6, C1, 1B, F6, C3, 96, 89, D7, FE, CA, F7, C1, 6E, BC, F3, 2F, 68, D8, C9, AA, 00, 05, 45, EE, 79, 0F, 40, 0F, B6, C7, 3D, 5F, A4, 00, 00, 72, 08, 0F, AF, D0, B8, A2, 2F, 1F, 2C, C6, C3, 21, 0A, FF, F2, E8, 00, 00, 00, 00, 0F, AF, D3, 69, F5, 4F, 43, C3, D7, 69, F3, 2B, 14, D3, 56, 89, EE, F7, C1, E4, E2, 56, EE, 4D, 03, CB, 35, 92, 54, 51, 00, F6, C1, 5E, C6, C2, 60, 58, 69, FB, 91, 5E, 18, 54, 68, 76, 78, 67, 00, FF, CA, 0F, B7, E8, 85, F0, 87, FA, 69, E9, A3, 6B, D7, 29, 0F, B7, D3, 2B, CD, 8D, 3D, D9...
 
[+]

Entropy:
7.9071  (probably packed)

Code size:
24 KB (24,576 bytes)

The file msgr11us.exe has been seen being distributed by the following URL.

http://yahoo-messenger.1800download.com/get_azure_file/.../a1A2h0IcTPIhkqhaftFiQlc8b40ucnTTDuoFGWlv5kD9G3ccKkfSUFnIHhTKBh3UEH5sv3jF3yfOMkz3P5HpIIrYTuHS688YOb2SYjbaQDHNAvMjwptei1FB9kjBWi3J5OFSbzUFKv98 m1QRmNHDOqm8Sz9Ke

Scan msgr11us.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.