skypekit.exe

This is a setup program which is used to install the application. It runs as a scheduled task under the Windows Task Scheduler. The file has been seen being downloaded from help.trillian.im and multiple other hosts.
MD5:
d233f6fc12d8026acb2372015a77a2c6

SHA-1:
f7f7b9e42fc202860d950c509856eb0496dcc7c2

SHA-256:
ac9a4659ba73ce412c74285b40e9cf0cbef07b354e15896af474441aedcf2240

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous); the file is probably malware free.

Analysis date:
11/15/2024 6:14:00 PM UTC

Scan engine        Detection                  Engine version
Bkav FE            HW32.CDB                   1.3.0.4613
Rising Antivirus   PE:Malware.XPACK/RDM!5.1   23.00.65.131224

File size:
3.1 MB (3,284,992 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\trillian\plugins\skypekit.exe

File PE Metadata
Compilation timestamp:
4/23/2012 8:03:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
8.0

CTPH (ssdeep):
98304:w2J1ndmS/g3hc2TUkoGW749UzUU0ux6i9M:5noS/OS2IrGW747up

Entry address:
0xF4EAE

Entry point:
FC, B8, 71, 12, F0, 2F, B9, C0, 29, 4F, 00, 81, F9, AE, 4E, 4F, 00, 75, 06, 81, C1, 27, 00, 00, 00, 30, 01, C1, C0, 03, 41, 81, F9, E0, 8E, 50, 00, 75, E4, EF, 47, F0, 90, 83, 24, CF, F8, 3B, DA, D0, 4E, F8, C4, C2, 86, 0C, 92, B6, CC, 9F, 5F, FF, F8, C0, 89, 57, 3F, 17, EA, 9B, DA, 6F, 75, A5, 50, C5, CE, 37, 0B, 91, F5, AE, 9D, 03, 1F, 01, 09, C0, 1B, A1, 4E, 0E, 93, FF, F8, C0, 02, F9, 9A, 17, A7, DE, 14, 7F, FF, 79, C5, C8, AF, 6A, F4, FF, 68, FF, 0C, E2, 5A, A1, 47, 06, 4E, 72, DC, 87, 50, 49, FA, 4B...
 

Entropy:
7.9989  (probably packed)

Code size:
4.4 MB (4,653,056 bytes)

Scheduled Task
Task name:
{813A803B-5A46-4172-953A-E52997A3F434}

Trigger:
Registration (Runs on registration)


Windows Firewall Allowed Program
Name:
C:\Program Files\Trillian\plugins\skypekit.exe


The file skypekit.exe has been seen being distributed by the following 3 URLs.
