Prompt Distribution – 7% Detection Rate – InstallCore

Hello readers! Just a note on a publisher called Prompt Distribution (Fried Cookie Ltd.). The Prompt Distribution (Fried Cookie Ltd.) download – Skype_Setup.exe – was detected when I uploaded it to VirusTotal. Did you also find a download by Prompt Distribution (Fried Cookie Ltd.)? Was it also detected when you uploaded it to VirusTotal?

By examining the certificate, we can see that Prompt Distribution (Fried Cookie Ltd.) is located in Tel Aviv in Israel. The certificate is issued by GlobalSign CodeSigning CA – G2.

Prompt Distribution Fried Cookie cert

What caught my attention was that the download was called Skype_Setup.exe. This might look like an official Skype download, but it is not. If it was an official download, it should have been signed by Skype Software Sarl.

These are the current VirusTotal detections for the file. Generic.48E, a variant of Win32/InstallCore.SC and InstallCore (fs) as a few of the detection names for the Skype_Setup.exe file.

Prompt Distribution - virustotal

Did you also find a file digitally signed by Prompt Distribution? What kind of download was it and where did you find it?

Thank you for reading.