home

11.1751_ymsgr1100_1751_us.exe

Yahoo! Inc.

This is a setup program which is used to install the application. The file has been seen being downloaded from software.oldversion.com.
Publisher:
Yahoo! Inc.

Description:
Yahoo! Messenger

Version:
11.0.0.1751

MD5:
1bbb15ca25e20f3801ae1b5cf993f963

SHA-1:
2b96903e2e447b8d6b962d33efd55468db13ee45

SHA-256:
b1df5f0212cf11f1dd13199e7c5e9ed62f2cd1870879435ff1639b521896f30a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 4:37:17 PM UTC  (today)

File size:
16.8 MB (17,645,912 bytes)

Copyright:
1997-2010 Yahoo! Inc.

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\11.1751_ymsgr1100_1751_us.exe

File PE Metadata
Compilation timestamp:
4/8/1999 11:24:47 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
393216:01YRUE5+FpUV3KN238saj7lIg1ie48r5b/Wt+tGPGLdI4oBEdvn:01s0FQKkssi/EgVb/Wt+Y+LS4WEdP

Entry address:
0x1000

Entry point:
60, EB, 03, 41, 84, F4, 0F, AF, D7, 88, D4, 81, FE, A1, 84, 00, 00, 76, 0D, 81, ED, C6, C3, 08, 97, BF, D0, 94, FD, 39, B7, 55, 80, C3, DD, FF, CD, 3B, C0, 74, 06, 8D, 05, AB, 8D, A8, DD, 81, C2, 70, F2, 00, 00, 69, C8, FB, E8, E4, E9, 0F, AF, CB, 81, C2, 0D, 0C, 00, 00, 3B, C6, 72, 05, 10, FE, 88, D8, 4B, F6, C7, 76, 80, F3, 18, F2, 8D, 35, A0, E8, 91, 11, 68, 47, FA, 47, 00, 68, 31, 40, 2B, 00, 85, D8, 8B, CB, 21, D5, E8, 23, 00, 00, 00, 87, E8, 86, D1, F6, C6, FD, F6, C1, 61, 0F, BE, C2, 0F, BF, EF, 87...
 
[+]

Entropy:
7.9982  (probably packed)

Code size:
512 Bytes (512 bytes)

The file 11.1751_ymsgr1100_1751_us.exe has been seen being distributed by the following URL.

http://software.oldversion.com/download.php?f=YTo1OntzOjQ6InRpbWUiO2k6MTQ2OTY4OTc0MztzOjI6ImlkIjtpOjcwNztzOjQ6ImZpbGUiO3M6Mjk6IjExLjE3NTFfeW1zZ3IxMTAwXzE3NTFfdXMuZXhlIjtzOjM6InVybCI7czo1NzoiaHR0cDovL3d3dy5vbGR2ZXJzaW9uLmNvbS93aW5kb3dzL3lhaG9vLW1lc3Nlbmdlci0xMS0xNzUxIjtzOjQ6InBhc3MiO3M6MzI6Ijc1NTdkMzk2ZWYzNzZjYmRhZjMwZTQzZTBhMWMzNjhhIjt9

Scan 11.1751_ymsgr1100_1751_us.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.