See: htxp://download.cdn.oovoo.com/download/oovoosetup.exe
SHA1: ec81346ab5e238d374e6fc35114458d4d8b1de13
Name: Suspicious-WI.
See: https://www.virustotal.com/nl/url/72491026abe789672ce605f6e27d577bdd8e74aab63272396cd9944a23767c85/analysis/1405690839/
and https://www.virustotal.com/nl/file/8c0fc26eac1907cc51f92ac760b110a8327f0da501d96ab80bf189dea0ee6b13/analysis/1405677116/
I get an empty response.
Also consider: http://zulu.zscaler.com/submission/show/2dba3ac0e4a77aefdc6b3b6d1d18acbc-1405691000
Quttera comes up with this:
static-wXw.cdn.oovoo.com/ga/oovoo_ga.js
Severity: Suspicious
Reason: Detected encoded JavaScript code commonly used to hide suspicious behaviour.
Details: Generic
Offset: 10279
Threat dump: File name: static-www.cdn.oovoo.com/ga/oovoo_ga.js

[[\x7C\x7C\x7C\x7C\x7C\x7C\x7C\x7C\x61\x72]] 

→ http://wepawet.iseclab.org/view.php?hash=65f94e676ac70fd8bf98dc4188b856f3&t=1368475314&type=js benign
see: http://www.exedb.com/systemfiles/oovoo_ga[1].js.html
Threat dump MD5: 8524417EAFE008993C354418E032E60F
File size[byte]: 34933
File type: ASCII
MD5: 33AF41CEFE8506333DFDCE91FBB2EAEB

polonus

First submission 2014-02-06 13:40:17 UTC ( 5 months, 1 week ago )
https://www.virustotal.com/en/file/8c0fc26eac1907cc51f92ac760b110a8327f0da501d96ab80bf189dea0ee6b13/analysis/1405691973/

killmalware http://killmalware.com/download.cdn.oovoo.com/
suspicious file
https://www.virustotal.com/en/file/16e0f415a70899a8c38d8c94a282ebae9eb4bdac834273278f7bc0217e1b31bf/analysis/1405692205/

Hi Polonus,

The string above is in hex format and translates to:

||||||||ar

Likely a common obfuscation algorithm.

~!Donovan

Hi !Donovan,

It is a variant of Google Analytics common tracking code, an obfuscated.
To check one could run it against these resources: http://http-sniffer.find-my-search.com/en/web-sniff-of/malcode.nl/
But alas no result from there.

polonus