yosetup.exe

RepkaSoft

The program is a setup application built with the NSIS (Nullsoft Scriptable Install System) installer. It is installed with YoWindow. The file has been seen being downloaded from software-files-a.cnet.com and multiple other hosts.
Publisher:
RepkaSoft  (signed and verified)

MD5:
7ae8ec6ae8ffd107b6d21d4df8f9d0e5

SHA-1:
8d21741f411103221e34eea605a616de5074893e

SHA-256:
fe540b04520748cedd2bea517e4a226c5a2e5a9e4ca60267b1933b78000ed50c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 2:40:23 PM UTC  (today)

File size:
11.6 MB (12,195,616 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\kazumaru\Local settings\temp\{random}.tmp\vmwarednd\9d14f580\??\yosetup.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
9/2/2013 9:00:00 AM

Valid to:
12/3/2015 8:59:59 AM

Subject:
CN=RepkaSoft, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=RepkaSoft, L=Saint-Petersburg, S=Russian Federation, C=RU

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
4C4114980DB0E6BB385F90F6249443C7

File PE Metadata
Compilation timestamp:
12/6/2009 7:50:46 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
196608:HT0LTfiXN6HnfoH0wiz8INJxok2l727XLBsgoh3bX0/oJHevXOSm36ZX4U2:yfi9unfbd8IWE7bOnZERGS5X4D

Entry address:
0x323C

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 58, 3F, 42, 00, E8, 09, 2C, 00, 00, A3, A4, 3E, 42, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 58, F4, 41, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, A0, 36, 42, 00, E8, BC, 28, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, 90, 42, 00, 50, 57, E8, AA, 28, 00, 00...
 

Entropy:
7.9984

Packer / compiler:
Nullsoft install system v2.x

Code size:
23 KB (23,552 bytes)

The file yosetup.exe has been discovered within the following program.

YoWindow  by RepkaSoft
Publisher's description - “YoWindow is a full featured weather program with beautiful graphics. The magic of YoWindow is living landscapes that reflect the weather. Just like in your window. In YoWindow you can even scroll time forward to see the weather forecast.”
yowindow.com
2% remove it
 

The file yosetup.exe has been seen being distributed by the following 6 URLs.
