iPCLauncher.exe

iPCLauncher

This is a setup program which is used to install the application. The file has been seen being downloaded from cloclo28.cldmail.ru and multiple other hosts.
Product:
iPCLauncher

Description:
Custrom Minecraft launcher

Version:
0.0.0.1

MD5:
404701a8a3f9afad016a84a174acdcbb

SHA-1:
6c1a80b14e8e6d9297a23d4fd2a314753c87800f

SHA-256:
ce3034463c69b1a23718f62dcccb3e9d89ae329f5fd5ca69fe3733a0147ada33

Scanner detections:
4 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/23/2024 2:26:25 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| AegisLab AV Signature | Exploit.Java.Agent!c | 2.1.4+ |
| Fortinet FortiGate | Java/Adwind.FN!tr | 2/4/2016 |
| IKARUS anti.virus | Trojan.Java.Adwind | t3scan.2.0.4.0 |
| Zillya! Antivirus | Adware.BrowseFox.Win32.130186 | 2.0.0.2639 |

File size:
1.4 MB (1,433,626 bytes)

Product version:
0.0.0.1

Copyright:
Powered by Alexander Repin / oDD1 special for iplaycraft.ru

Original file name:
iPCLauncher.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\ipclauncher.exe

File PE Metadata
Compilation timestamp:
10/16/2015 5:36:24 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.22

CTPH (ssdeep):
24576:aUStYFBaBUvnfe6vId6gLuA6Y3j1Uy+NtKjRlBS79XG+dLxPf:NLaBUvmM6utKFz0Q+NxPf

Entry address:
0x1290

Entry point:
55, 89, E5, 83, EC, 08, C7, 04, 24, 02, 00, 00, 00, FF, 15, 90, 22, 41, 00, E8, A8, FE, FF, FF, 90, 8D, B4, 26, 00, 00, 00, 00, 55, 8B, 0D, C8, 22, 41, 00, 89, E5, 5D, FF, E1, 8D, 74, 26, 00, 55, 8B, 0D, B4, 22, 41, 00, 89, E5, 5D, FF, E1, 90, 90, 90, 90, 55, BA, 80, 00, 00, 00, 89, E5, 57, 31, C0, 8D, BD, E8, FE, FF, FF, 56, 53, 81, EC, 1C, 01, 00, 00, 89, 54, 24, 08, 89, 44, 24, 04, 89, 3C, 24, E8, FF, 57, 00, 00, 89, 7C, 24, 04, C7, 04, 24, 18, 00, 00, 00, E8, 97, 0D, 00, 00, 85, C0, 0F, 84, 7C, 00, 00...
 

Entropy:
7.9567

Packer / compiler:
MingWin32

Code size:
23.5 KB (24,064 bytes)

The file iPCLauncher.exe has been seen being distributed by the following 27 URLs.


Scan iPCLauncher.exe - Powered by Reason Core Security