yousenditexpresssetup2_7_3.exe

YouSendIt Express

YouSendIt, Inc.

The program is a setup application that uses the InstallShield Setup installer. This file is installed with the program YouSendIt Express. The file has been seen being downloaded from static.hightail.com and multiple other hosts.
Publisher:
YouSendIt   (signed by YouSendIt, Inc.)

Product:
YouSendIt Express

Description:
Setup Launcher

Version:
2.7.3

MD5:
764cf68716427cad4fb7940c4b9c45fe

SHA-1:
cc58fa2cf41e7f8eb4c15ad500695307c401899f

SHA-256:
29255a0d4d44b38ee8704a90093ed8685ba7e2c207c48eeea9486ba21042aba3

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/27/2024 12:57:23 PM UTC  (today)

Scan engine
Detection
Engine version

Clam AntiVirus
PUA.Packed.PECompact-1
0.98/18155

File size:
5 MB (5,213,832 bytes)

Product version:
2.7.3

Copyright:
Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc. All Rights Reserved.

Original file name:
Setup.exe

File type:
Executable application (Win32 EXE)

Installer:
InstallShield Setup

Language:
English (United States)

Common path:
C:\users\{user}\downloads\yousenditexpresssetup2_7_3.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
1/11/2008 1:00:00 AM

Valid to:
2/24/2011 12:59:59 AM

Subject:
CN="YouSendIt, Inc.", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="YouSendIt, Inc.", L=Mountain View, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
15618BE6D4EA204F5B9B4540E70EED3B

File PE Metadata
Compilation timestamp:
9/11/2008 7:55:59 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
98304:qSk/0PUL3JwZo+4eY/HM4GJTjwpRZ1AmRir/09pxCAd1rQ9yqJvu3nt5P1R9kRVA:qK46tYHCURM6MMcAd10EQ6ntdRkK

Entry address:
0x36327

Entry point:
55, 8B, EC, 6A, FF, 68, 08, AD, 46, 00, 68, 48, A1, 43, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, 74, 91, 46, 00, 33, D2, 8A, D4, 89, 15, C4, 5F, 48, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, C0, 5F, 48, 00, C1, E1, 08, 03, CA, 89, 0D, BC, 5F, 48, 00, C1, E8, 10, A3, B8, 5F, 48, 00, 6A, 01, E8, 4E, 24, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, C3, 00, 00, 00, 59, E8, 65, 0D, 00, 00, 85, C0, 75, 08, 6A, 10, E8, B2, 00, 00, 00, 59, 33, F6, 89, 75...
 
[+]

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
416 KB (425,984 bytes)

The file yousenditexpresssetup2_7_3.exe has been discovered within the following program.

YouSendIt Express  by YouSendIt
Publisher's description - “YouSendIt is the most popular and secure online file sharing software that allows you to easily send large files and email attachments.”
www.yousendit.com
12% remove it
 
Powered by Should I Remove It?

The file yousenditexpresssetup2_7_3.exe has been seen being distributed by the following 2 URLs.

https://static.hightail.com/.../YouSendItExpressSetup2_7_3.exe

Scan yousenditexpresssetup2_7_3.exe - Powered by Reason Core Security