» skypelauncher-setup.exe
Overview
Analysis
File Details

skypelauncher-setup.exe

Skype Launcher

Stefan Heinemann

The application skypelauncher-setup.exe, “Skype Launcher Setup ” by Stefan Heinemann has been detected as a potentially unwanted program by 2 anti-malware scanners. This is a self-extracting archive and installer and has been known to bundle potentially unwanted software. The installer uses the OpenCandy monitzation platform which will donwload and install offers in the setup for potentially unwanted software including ad/search-supported toolbars.

File name:

Publisher:

binaerkombinat (signed by Stefan Heinemann)

Product:

Skype Launcher

Description:

Skype Launcher Setup

Version:

1.6.2

MD5:

9b55e330ee833293a0d306d5b32368ea

SHA-1:

0d6642d4438285c4a4836d252ccb10c2a34f7d8f

SHA-256:

b31da32ef643f3b15b3a4fe50ec6804432071fae588fbfef30a84880fd526b33

Scanner detections:

2 / 68

Status:

Potentially unwanted

Explanation:

Packages the OpenCandy software bundler that offers to install additional software and may include web browser add-ons and toolbars which display advertising (based on publisher settings and geo context).

Analysis date:

4/23/2024 9:33:31 PM UTC (today)

Scan engine

Detection

Engine version

ESET NOD32

Win32/OpenCandy

9.8498

Reason Heuristics

PUP.OpenCandy.Installer (L)

16.12.4.19

File size:

1.1 MB (1,131,904 bytes)

Product version:

1.6.2

binaerkombinat

File type:

Executable application (Win32 EXE)

Language:

Turkish (Turkey)

Common path:

C:\users\{user}\downloads\skypelauncher-setup.exe

Digital Signature

Signed by:

Stefan Heinemann

Authority:

The USERTRUST Network

Valid from:

5/19/2011 3:00:00 AM

Valid to:

5/19/2013 2:59:59 AM

Subject:

CN=Stefan Heinemann, O=Stefan Heinemann, STREET=Gubitzstrasse 51, L=Berlin, S=Berlin, PostalCode=10409, C=DE

Issuer:

CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:

2E338F02E00B2480D033C37A7FF1869B

File PE Metadata

Compilation timestamp:

3/17/2011 12:22:54 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:CMjh9p6T4XlO0cV1MXroXeDQ2/QX1e1mv9ozujIPZRCFdJic3:RAT4Vb7cXeDQ2/QleEvqujIPZRYR3

Entry address:

0x16478

Entry point:

55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, B0, 52, 41, 00, E8, AC, 03, FF, FF, 33, C0, 55, 68, 45, 6B, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 01, 6B, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, AB, 41, 00, E8, 4E, EC, FF, FF, E8, F5, E7, FF, FF, 8D, 55, EC, 33, C0, E8, 7F, 84, FF, FF, 8B, 55, EC, B8, AC, D6, 41, 00, E8, E2, E9, FE, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, AC, D6, 41, 00, B2, 01... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

84 KB (86,016 bytes)

Remove skypelauncher-setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.