msgr11us.exe

Yahoo! Inc.

The program is a setup application built with the Nullsoft Scriptable Install System (NSIS) installer. The file has been observed being downloaded from www.go4it.ro.

Publisher:
Yahoo! Inc.

Description:
Yahoo! Messenger Suite Install Bootstrapper Setup

Version:
2011.06.28.02

MD5:
2c382abdb924b67283bda3422b5f6651

SHA-1:
fad55325fb1b7b0b672bf34b26dc675804c5cecf

SHA-256:
442ec20f0803ae52c9ea31fed2ff572fd99b402aa078e646173e3c50c7641196

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 3:03:55 AM UTC

File size:
482.4 KB (493,960 bytes)

Copyright:
Copyright (c) 2011 Yahoo! Inc.

File type:
Executable application (Win32 EXE)

Installer:
Nullsoft Scriptable Install System

Language:
English (United States)

Common path:
C:\users\{user}\downloads\msgr11us.exe

File PE Metadata
Compilation timestamp:
12/5/2009 2:50:41 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
12288:xM3yvQh6UrhiGebs6dquJc8VJ3/B3/+sc8lYjD:xM3AQzDebsQ7JcQJ5286jD

Entry address:
0x30CB

Entry point:
84, EC, F7, C1, 11, 4C, 10, F7, 77, 08, 8D, 3D, 02, C1, 9C, 85, 8A, C0, 69, F2, 62, 7C, 9A, 48, 8D, 3D, FB, F5, 08, EE, 01, D9, F6, C4, A6, 84, CF, FF, C8, 84, F6, 19, D7, 71, 07, 0F, AF, F6, 87, EA, 87, DB, E8, 6F, 00, 00, 00, 0F, AF, DB, FF, C6, F3, 84, FA, 69, C9, BD, EC, 14, 66, F3, C7, C5, F5, A5, CC, EC, 0F, AF, F6, 8D, 05, 05, 00, 00, 00, 8B, F0, 69, C0, 9F, 27, 00, 00, BE, 00, 00, 00, 00, F6, C3, F6, 47, 8A, E5, 2C, 55, BA, BF, C9, 63, 43, 81, C6, 62, 0E, 00, 00, C6, C7, 45, 81, EE, 61, 0E, 00, 00...
 

Entropy:
7.9365  (probably packed)

Code size:
22.5 KB (23,040 bytes)

The file msgr11us.exe has been seen being distributed by the following URL.
