home

skypesetup.exe

Secure Installer

The application skypesetup.exe by Secure Installer has been detected as a potentially unwanted program by 6 anti-malware scanners. It uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions.
Publisher:
Secure Installer  (signed and verified)

MD5:
c4ebd3788aca023ea97cecac06d4357a

SHA-1:
f20597c744a9832934ee6ff909df637617866cf8

SHA-256:
eea497520b156390c9a2e24db43d7a53f9bdc715ce47aec621fbe97ca16622f1

Scanner detections:
6 / 68

Status:
Potentially unwanted

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:
5/7/2024 5:51:23 AM UTC  (today)

Scan engine
Detection
Engine version

Dr.Web
Trojan.Crossrider1.49350
9.0.1.05190

Emsisoft Anti-Malware
Gen:Variant.Strictor.97895
10.0.0.5366

ESET NOD32
Win32/InstallCore.BA potentially unwanted application
7.0.302.0

McAfee
Trojan.Artemis!C4EBD3788ACA
18.0.204.0

Reason Heuristics
PUP.installCore.SecureInstaller.Installer (M)
16.2.11.12

VIPRE Antivirus
Threat.4786018
46838

File size:
1.1 MB (1,104,520 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\skypesetup.exe

Digital Signature
Signed by:
Secure Installer

Authority:
COMODO CA Limited

Valid from:
9/25/2012 12:00:00 AM

Valid to:
9/25/2013 11:59:59 PM

Subject:
CN=Secure Installer, O=Secure Installer, STREET=720 Market Street, STREET=5th floor, L=San Francisco, S=CA, PostalCode=94102, C=US

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00C3507C1ADDE6B4C52E5426990F85CA2B

File PE Metadata
Compilation timestamp:
6/19/1992 3:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:FRHeEM4AAIo/Lv+KzovgWoUK2l+Q1bJdYavN2L+aoyawXry95U:39M4/IGv+KzovgWoUDl+Q1bJdYavNAiU

Entry address:
0xCCEC0

Entry point:
55, 8B, EC, 83, C4, F0, B8, 40, 96, 41, 00, E8, 4B, E8, FF, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.8603

Developed / compiled with:
Microsoft Visual C++

Code size:
837.5 KB (857,600 bytes)

Remove skypesetup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.