» skypesetupfull_13230070_206.exe
Overview
Analysis
File Details

skypesetupfull_13230070_206.exe

Matrix 42 AG

The application skypesetupfull_13230070_206.exe by Matrix 42 AG has been detected as a potentially unwanted program by 17 anti-malware scanners.

File name:

Publisher:

Matrix 42 AG (signed and verified)

MD5:

797fb3ffa1138346197798f2559255c6

SHA-1:

ff2bff4ca8204fbc8e4edea77860766c4602ea90

SHA-256:

d0571b6a339d8454dc9207712be8774e4db4a508f58d31368e70a1c380c16a4d

Scanner detections:

17 / 68

Status:

Potentially unwanted

Analysis date:

4/24/2024 3:50:46 PM UTC (today)

Scan engine

Detection

Engine version

AhnLab V3 Security

Trojan/Win32.Spnr

2013.01.18

Avira AntiVirus

TR/Graftor.63205.3

7.11.57.194

avast!

Win32:Webalta-E [PUP]

2014.9-170107

Bitdefender

Gen:Variant.Graftor.63205

1.0.20.35

Dr.Web

Adware.Downware.755

9.0.1.07

ESET NOD32

Win32/Adware.Toolbar.Webalta.BA (variant)

11.7905

Fortinet FortiGate

Riskware/Toolbar_Webalta

1/7/2017

F-Secure

Gen:Variant.Graftor.63205

11.2017-07-01_7

G Data

Gen:Variant.Graftor.63205

17.1.22

IKARUS anti.virus

AdWare.Win32.Webalta

t3scan.1.3.5.0

Kaspersky

not-a-virus:HEUR:Downloader.Win32.Walta

14.0.0.-977

McAfee

Artemis!797FB3FFA113

5600.6162

MicroWorld eScan

Gen:Variant.Graftor.63205

18.0.0.21

Norman

W32/Webalta.J

11.20170107

Trend Micro House Call

TROJ_SPNR.08A813

7.2.7

Trend Micro

TROJ_SPNR.08A813

10.465.07

VIPRE Antivirus

Trojan.Win32.Generic

15076

File size:

1.5 MB (1,616,208 bytes)

File type:

Executable application (Win32 EXE)

Digital Signature

Signed by:

Matrix 42 AG

Authority:

VeriSign, Inc.

Valid from:

2/8/2012 6:00:00 AM

Valid to:

2/25/2015 5:59:59 AM

Subject:

CN=Matrix 42 AG, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Matrix 42 AG, L=Neu-Isenburg, S=Hessen, C=DE

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

4E39FE16E547EC9DB092FD1D9615899D

File PE Metadata

Compilation timestamp:

6/20/1992 4:22:17 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

Entry address:

0xA4B40

Entry point:

55, 8B, EC, 83, C4, F0, B8, 98, 48, 4A, 00, E8, A8, 21, F6, FF, A1, A0, 70, 4A, 00, 8B, 00, E8, C4, 9F, FB, FF, 8B, 0D, 00, 72, 4A, 00, A1, A0, 70, 4A, 00, 8B, 00, 8B, 15, B4, 52, 47, 00, E8, C4, 9F, FB, FF, 8B, 0D, 44, 72, 4A, 00, A1, A0, 70, 4A, 00, 8B, 00, 8B, 15, 30, 50, 47, 00, E8, AC, 9F, FB, FF, 8B, 0D, 34, 70, 4A, 00, A1, A0, 70, 4A, 00, 8B, 00, 8B, 15, B0, 46, 4A, 00, E8, 94, 9F, FB, FF, A1, A0, 70, 4A, 00, 8B, 00, E8, 08, A0, FB, FF, E8, E7, FB, F5, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

655 KB (670,720 bytes)

Remove skypesetupfull_13230070_206.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.