home

skypesetupfull.exe

Microsoft Corporation

This is a setup program which is used to install the application. The file has been seen being downloaded from mirror.szepe.net and multiple other hosts.
Publisher:
Microsoft Corporation  (signed and verified)

MD5:
28e25f4a41ff7f65f57435abd858c7ba

SHA-1:
273ab4de67dcf06dc97146a32e7cd108e1a29bd0

SHA-256:
53c3e69a6b8382d8e057066a8693546e750acbdb854301b94c454b535b7d9a1c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
11/15/2024 2:31:26 PM UTC  (today)

File size:
24.4 MB (25,624,576 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\skypesetupfull.exe

Digital Signature
Signed by:
Microsoft Corporation

Authority:
Microsoft Corporation

Valid from:
3/13/2013 9:31:10 PM

Valid to:
6/13/2014 10:31:10 PM

Subject:
CN=Skype Software Sarl, OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Issuer:
CN=Microsoft Code Signing PCA, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

Serial number:
33000000BAC6104032D6DD18900001000000BA

File PE Metadata
OS version:
0.65534

OS bitness:
Win64

Linker version:
254.255

.NET CLR dependent:
Yes

CTPH (ssdeep):
786432:U29wL4Xs9HS6jkMgyPI1EK5J2fk5zqunYZnEdp9:Uu89YH5JNqvNEdp9

Entry address:
0x70000

Entry point:
D0, CF, 11, E0, A1, B1, 1A, E1, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 3E, 00, 04, 00, FE, FF, 0C, 00, 06, 00, 00, 00, 00, 00, 00, 00, 0E, 00, 00, 00, 07, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 10, 00, 00, 02, 00, 00, 00, 03, 00, 00, 00, FE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 00, 00, AB, 00, 00, 00, AC, 00, 00, 00, AD, 00, 00, 00, AE, 00, 00, 00, AF, 00, 00, 00, 00, 18, 00, 00, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF, FF...
 
[+]

Code size:
384 KB (393,228 bytes)

The file skypesetupfull.exe has been seen being distributed by the following 13 URLs.

http://mirror.szepe.net/.../SkypeSetup_6.14.0.104.msi

https://docs.google.com/uc?authuser=0&id=0B4jO_m5WJNTvSHp5dXRLT3Jzb1k&export=download

https://onedrive.live.com/download.aspx?cid=DB6E69DD03D093C9&resid=DB6E69DD03D093C9!158

http://web.archive.org/web/20140413131237/http:/download.skype.com/.../SkypeSetup_6.14.0.104.msi

http://www.freedomslips.com/.../SkypeSetup_6.14.0.104.msi

http://softplaneta.ru/dl245133?dl=1&base=

http://web.archive.org/web/20140413131237/http://download.skype.com/.../SkypeSetup_6.14.0.104.msi

https://web.archive.org/web/20140413131237/http://download.skype.com/.../SkypeSetup_6.14.0.104.msi

http://besplatnye-programmy.com/.../download.php?id=611

http://download.skype.com/.../SkypeSetup_6.14.0.104.msi

http://files.filepuma.com/files/web-phones-and-volp-software/.../Skype_v6.14.0.104.msi

http://www.filepuma.com/down/1393515010c5217/skype_6.14.0.104/.../0/

http://www.filepuma.com/file/1393515010c5217/skype_6.14.0.104/.../0/

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.