home

Skype.exe

Skype

Microsoft Corporation

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘Skype’.
Publisher:
Skype Technologies S.A.  (signed by Microsoft Corporation)

Product:
Skype

Description:
Skype

Version:
7.7.80.103

MD5:
674674efd8908f4beac92b76cb580cca

SHA-1:
4d44f40e1a54febe08312116b5ad8ecb771fcf19

SHA-256:
6769fe827761920a6160e03124f30f070da2cac87c644b2188a9e2c101a0e53b

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
11/23/2024 8:01:57 AM UTC  (today)

File size:
51.3 MB (53,740,103 bytes)

Product version:
7.7

Copyright:
© 2003 - 2012 Skype and/or Microsoft

Original file name:
Skype.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\skype\phone\skype.exe

Digital Signature
Signed by:
Microsoft Corporation

Authority:
Microsoft Corporation

Valid from:
5/15/2014 2:30:12 AM

Valid to:
8/15/2015 2:30:12 AM

Subject:
CN=Skype Software Sarl, OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:
CN=Microsoft Code Signing PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:
33000000CE0CBEEAB1282324420001000000CE

File PE Metadata
Compilation timestamp:
7/29/2015 2:49:08 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
786432:bMQWLC9b/CxSOjVXwSlJW619n8mhMhdSE4jkoW:bMQWLC9b/CxSOjVXwkr98mehITjkoW

Entry address:
0x1B3E008

Entry point:
E9, 41, F9, FF, FF, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 51, 53, 56, 57, B8, CC, A5, F2, 01, E8, 7F, E4, 4C, FE, 8B, 3D, 20, 5D, F7, 01, 33, C0, 55, 68, CA, E3, F3, 01, 64, FF, 30, 64, 89, 20, 6A, 01, 8D, 55, DC, 33, C0, E8, 4F, D3, 5D, FE, 8B, 45, DC, 89, 45, E0, C6, 45, E4, 11, 8D, 45, D8, E8, CD, DF, 5D, FE, 8B, 45, D8, 89, 45, E8, C6, 45, EC, 11, 8D, 4D, E0, BA, E8, E3, F3, 01, B8, 10, E4, F3, 01, E8, 51, 49, 5E, FE, 6A, 00, 8D, 45, C8, 8B, 15, 24, 59, F7, 01, 8B, 12, E8, EB, A4, 4C, FE, 8B, 45, C8...
 
[+]

Entropy:
6.6055

Packer / compiler:
tElock 0.99 - 1.0 private

Code size:
27.2 MB (28,562,944 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Skype

Command:
"C:\Program Files\skype\phone\skype.exe" \minimized \regrun


herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.