home

myscreenrecorder.exe

My Screen Recorder

Deskshare, Inc.

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from doc-00-b8-docs.googleusercontent.com and multiple other hosts.
Publisher:
DeskShare Inc.   (signed by Deskshare, Inc.)

Product:
My Screen Recorder

Version:
4.1.0.0

MD5:
b8df8c98853bf6f6c452266e94a96e62

SHA-1:
4f8edce361a694e50c7c5c0a44882175ef520466

SHA-256:
2053d03da5d38496b24087158c41191bdce7b14e098ba250672aa4a00a681c23

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/18/2024 2:58:03 AM UTC  (today)

File size:
9.2 MB (9,609,320 bytes)

Product version:
4.1.0.0

Copyright:
DeskShare(c) All rights reserved

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\myscreenrecorder.exe

Digital Signature
Signed by:
Deskshare, Inc.

Authority:
COMODO CA Limited

Valid from:
8/18/2011 4:00:00 AM

Valid to:
8/18/2016 3:59:59 AM

Subject:
CN="Deskshare, Inc.", O="Deskshare, Inc.", STREET=PO Box 769, L=Plainview, S=NY, PostalCode=11803, C=US

Issuer:
CN=COMODO Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00D51373E39B076A6111608796C15AEF88

File PE Metadata
Compilation timestamp:
6/20/1992 2:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
196608:5BvrXxXT2w7K1ck4xTuD+wtDBIKPP1e1fJwJk6eGdV/Ts8w31LyRGVNvoLUMiBQ:5BDBdpGBIMP1EfJo/bs/e0NcN

Entry address:
0x9C40

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, 53, C9, FF, FF, E8, 9A, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, E8, CD, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E8, CD...
 
[+]

Entropy:
7.9993  (probably packed)

Code size:
37 KB (37,888 bytes)

The file myscreenrecorder.exe has been seen being distributed by the following 9 URLs.

https://doc-00-b8-docs.googleusercontent.com/docs/securesc/5iabf4ghlgf5o850hudivlk84istlfaf/j4opgdfkea247fkfof35aku46eteioq6/1476381600000/.../15670629794151496497/0B96g4SwEoS5rNHpaZU55eDhsNnM?e=download

http://gsf-cf.softonic.com/4f8/edc/.../file?SD_used=0&channel=WEB&fdh=no&id_file=40568&instance=softonic_de&type=PROGRAM&Expires=1443498306&Signature=L0FtXUhBMaPwJsyeN0dORtw2mPe80-QZj3zOoNdOERMahGgwAueUsm1le~-GFHNBPw~mM9N0GPod921-K9iJw0R7P0cevuhAqb-hx9xnpcQNKSEmTT68svTjaNUReseAd-jnq7ChS8~Ub8E7r-52IvW8tfoUN2U5C2DyQlQ6qpg_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=myscreenrecorder.exe

http://gsf-cf.softonic.com/4f8/edc/.../file?SD_used=0&channel=WEB&fdh=no&id_file=40568&instance=softonic_es&type=PROGRAM&Expires=1475857479&Signature=H2OB8zhd57stmxIPTCV2-657MO4sFQnt5dOlRpLoNxG6ogoDTTlt6~kKNt3KLBmMV7ztxAgeAAloT3hLSLkcQPPvvCT6BYV4MlFSa13eX9VmmgzRUW4tUJX~PbqdRxrfnGUJHqm87Rp7piVSm505kdRxzUYr4n3kCF~vFudLHgE_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=myscreenrecorder.exe

http://gsf-cf.softonic.com/4f8/edc/.../file?SD_used=0&channel=WEB&fdh=no&id_file=40568&instance=softonic_es&type=PROGRAM&Expires=1433672024&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=KrTKxH4lqge-5C3g3Zvo8M6~kUuTPv~9l95owSkOiFT2QOeD1Yw4-V3A15-p8naYBUM0BJJekXbffQjaPqQYzCy5CPpkti-r0dTFLNeIaJFDxCXGSLtmA~6JareyVIEfQUln~zmz3hmOd0agjcJotyJvMcb93Q1P7-oqGpT6ues_&filename=myscreenrecorder.exe

http://gsf-cf.softonic.com/4f8/edc/.../file?SD_used=0&channel=WEB&fdh=no&id_file=44553&instance=softonic_en&type=PROGRAM&Expires=1466330372&Signature=Y6ytR5z9u1CI9n05ZDRj-trUMzm5lRZkQRNYG4mZwcfzcKutKvuFsmAG~7oStSZumz2-pTL~BzOU4aVaYieCbm-dOcqxw~j4K9Du8eJeNGl8WN7OOZupFpGA8lsJFjOA4z6B4nyiIpYM9PWglsU7Z1ebOcZy4pCEPn55l5xtHVg_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=myscreenrecorder.exe

http://gsf-cf.softonic.com/4f8/edc/.../file?SD_used=0&channel=WEB&fdh=no&id_file=44553&instance=softonic_en&type=PROGRAM&Expires=1434343569&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&Signature=bL6SiKRT98qQZpLKnh1aPcUZk9~0b1CqdN8zCBkjPrxS7vcx0HdawSCHFh7Nj~PaiDUckalskJun4xXO7kzjUS1HhbnSZgRWSi3Xn-MeNUGmygahtRtT7B69VlqC4VkU1RyKn-4xTThnqdmnRgbGPyZJtH2hjwOuUx7bmA4wyfE_&filename=myscreenrecorder.exe

http://software-files-a.cnet.com/s/software/13/55/.../66/MyScreenRecorder.exe

http://dl.deskshare.com/download/.../msr.exe

http://dl.deskshare.com/download/.../MyScreenRecorder.exe

Scan myscreenrecorder.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.