» ICC.exe
Overview
Analysis
File Details
Downloads (2)

ICC.exe

ICC - Immo Code Calculator

Xak's Research Lab

The executable ICC.exe has been detected as malware by 20 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from s6188.chomikuj.pl and multiple other hosts.

File name:

ICC.exe

Publisher:

Xak's Research Lab

Product:

ICC - Immo Code Calculator

Version:

1.0.0.298

MD5:

a3522729ac88a834f869199aecb98753

SHA-1:

eb4a2f7c02911953467c829dc31366f7bf024d66

SHA-256:

b4a55fc506ab456e3bd01ea418114f2a18c37eb29b84f5ffac7dfb648f9fbf05

Scanner detections:

20 / 68

Status:

Malware

Analysis date:

11/15/2024 7:56:47 AM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

Packed/FSG

7.1.1

Avira AntiVirus

TR/Dldr.Agent.1158

7.11.178.236

avast!

Win32:Malware-gen

2014.9-160122

AVG

fsg

2017.0.2856

Bkav FE

HW32.Packed

1.3.0.4959

Comodo Security

UnclassifiedMalware

19815

Fortinet FortiGate

PossibleThreat

1/22/2016

F-Prot

W32/Heuristic-210

v6.4.7.1.166

G Data

Win32.Trojan.Agent.2O7QVC

16.1.24

IKARUS anti.virus

Packed.Win32.Katusha

t3scan.1.7.8.0

K7 AntiVirus

Trojan

13.184.13704

McAfee

Artemis!A3522729AC88

5600.6512

Norman

Packed_FSG.D

11.20160122

Qihoo 360 Security

Win32/Trojan.a8a

1.0.0.1015

Quick Heal

(Suspicious) - DNAScan

1.16.14.00

Sophos

Mal/Packer

4.98

SUPERAntiSpyware

Trojan.Agent/Gen-FSG

9369

Trend Micro House Call

TROJ_GEN.R0CBC0EG414

7.2.22

Trend Micro

TROJ_GEN.R0CBC0EG414

10.465.22

VIPRE Antivirus

Trojan.Win32.Generic

33974

File size:

6.3 KB (6,433 bytes)

Product version:

1.0

http://pin-code.net

Original file name:

ICC.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\icc.exe

File PE Metadata

Compilation timestamp:

9/11/1987 3:35:02 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

CTPH (ssdeep):

192:KpdTcTz2cK6qicoVhutVaSepC+2trx0VDs:KpdTcTHK6Bcxrt+qas

Entry address:

0x154

Entry point:

4D, 5A, 21, 78, 61, 6B, 2E, 70, 70, 2E, 72, 75, 50, 45, 00, 00, 4C, 01, 02, 00, 46, 53, 47, 21, 00, 00, 00, 00, 00, 00, 00, 00, E0, 00, 0F, 01, 0B, 01, 00, 00, 00, 06, 00, 00, 00, 30, 00, 00, 00, 00, 00, 00, 54, 01, 00, 00, 00, 10, 00, 00, 0C, 00, 00, 00, 00, 00, 40, 00, 00, 10, 00, 00, 00, 02, 00, 00, 04, 00, 00, 00, 04, 00, 00, 00, 04, 00, 00, 00, 00, 00, 00, 00, 00, A0, 00, 00, 00, 02, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 00, 00, 10, 00, 00, 10, 00, 00, 00, 00, 10, 00, 00, 10, 00, 00, 00, 00, 00, 00... 
[+]

Code size:

1.5 KB (1,536 bytes)

The file ICC.exe has been seen being distributed by the following 2 URLs.

http://s6188.chomikuj.pl/File.aspx?e=zQPQeb1iIsalOd2xPZluh9sy3mdFWtWnP2xGXaIn-eAbuJbMdOnX1yBO5P4kA8789cjCuR17dxcuSYiKlJSCqVmRhFUmi4EIPeBsulS36pBDfPmbo0ZDA76Z8bCMMfA5&pv=2

http://s6188.chomikuj.pl/File.aspx?e=zQPQeb1iIsalOd2xPZluhywu1pw1I3Ibfcdb4nZe3L3CFxmvPAiStIYbyXjSUytOJti6N7jPdJdn8rVce6kJpRf1vPUECLFrOoVlg4iAJwbKmfDkB2bwFrZtnMnIpGrO&pv=2

Remove ICC.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.