home

SkypeSetup.exe

Skype

Skype Technologies S.A.

The executable SkypeSetup.exe has been detected as malware by 5 anti-virus scanners. This is a self-extracting archive and installer, however the file is not signed with an authenticode signature from a trusted source. The file has been seen being downloaded from en.kioskea.net.
Publisher:
Skype Technologies S.A.

Product:
Skype

Description:
Skype

Version:
7.1.0.105

MD5:
2e368a1937a6e8833e168105ff6ade7c

SHA-1:
c50fc0757c725003af17b97037a5565fde802572

SHA-256:
27cc2af45e48a2973d8da6061e2dc6a3e948bab5da7c156b2a0538bf69d1cf50

Scanner detections:
5 / 68

Status:
Malware

Analysis date:
11/2/2024 11:21:40 AM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:SaliCode
160518-2

ESET NOD32
Win32/Sality.NBA virus
7.0.302.0

F-Prot
W32/Sality.gen2
4.6.5.141

Microsoft Security Essentials
Threat.Undefined
1.225.2254.0

VIPRE Antivirus
Threat.4758034
50880

File size:
1.5 MB (1,613,920 bytes)

Product version:
7.1

Copyright:
(c) Skype Technologies S.A.

Original file name:
SkypeSetup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Documents and Settings\{user}\My documents\downloads\skypesetup.exe

File PE Metadata
Compilation timestamp:
1/23/2015 10:08:35 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:ouY5YTkf74kRL83E3E7MiQxU3cIFEbhg0L8bzt2PklOYzRiG+ahQYdVx:ouY5YaRCQxkxydLw7Qq

Entry address:
0x2E41A0

Entry point:
F7, C1, CD, B7, 14, C9, 78, 04, 8B, D5, 8A, E9, 21, CA, 0F, B6, FA, F7, C0, 63, 54, 92, 90, 8B, D6, C6, C1, 86, 0F, B7, CB, 52, 81, FE, 71, D7, 00, 00, 74, 06, 87, DD, 3B, CF, F7, DF, 58, F7, D5, 80, C2, F8, 2B, F0, 0F, AF, D2, 3B, F2, 76, 0D, B4, A5, FF, C8, 0F, BE, F7, 81, F7, 66, 4E, 40, 22, 3D, 32, 5F, 00, 00, 77, 06, 69, DA, BF, 9D, A6, A5, 68, 9E, 55, F4, 00, 68, 99, 08, A3, 00, 81, D1, 1A, 6F, FF, 9D, E8, 26, 00, 00, 00, 81, F9, CD, B0, 00, 00, 71, 03, 80, E2, F9, 84, D4, 46, FF, CA, 8D, 3E, F6, C1...
 
[+]

Entropy:
7.6635

Code size:
1.2 MB (1,232,896 bytes)

The file SkypeSetup.exe has been seen being distributed by the following URL.

http://en.kioskea.net/download/.../download-82-skype

Remove SkypeSetup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.