» ipclauncher.exe
Overview
Analysis
File Details
Downloads (1)

ipclauncher.exe

The executable ipclauncher.exe has been detected as malware by 13 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from auth.iplaycraft.ru.

File name:

ipclauncher.exe

MD5:

96453574e24275c27040503b3dd16e33

SHA-1:

9e668ee4fbdd8578d37e9dc1a100a24401f726f1

SHA-256:

d1dcd9cee7f032cecf80eef3f04ca213d53b7dc97a143884f337d85c1e01f953

Scanner detections:

13 / 68

Status:

Malware

Analysis date:

12/27/2024 7:17:11 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Exploit.Java.Agent.AF

501

Arcabit

Exploit.Java.Agent.AF

1.0.0.425

Bitdefender

Exploit.Java.Agent.AF

1.0.20.1325

Bkav FE

W32.Clodfa2.Trojan

1.3.0.6979

Comodo Security

UnclassifiedMalware

23141

Emsisoft Anti-Malware

Exploit.Java.Agent.AF

8.15.09.22.10

Fortinet FortiGate

Java/Adwind.FN!tr

9/22/2015

F-Secure

Exploit.Java.Agent.AF

11.2015-22-09_3

G Data

Exploit.Java.Agent.AF

15.9.25

IKARUS anti.virus

Trojan.Java.Adwind

t3scan.1.9.5.0

McAfee

Artemis!96453574E242

5600.6635

MicroWorld eScan

Exploit.Java.Agent.AF

16.0.0.795

nProtect

Exploit.Java.Agent.AF

15.09.01.01

File size:

616.1 KB (630,913 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\ipclauncher.exe

File PE Metadata

Compilation timestamp:

3/15/2015 1:49:42 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.22

CTPH (ssdeep):

12288:6Ej7AkrM1eAbPlaL2466mtXpLN+B/rRf1URF1w8BWV1bCxNklI57Sb:L7Ak8US4KtXpLN+ff1URF1w8NOl+76

Entry address:

0x1290

Entry point:

55, 89, E5, 83, EC, 08, C7, 04, 24, 02, 00, 00, 00, FF, 15, 8C, 22, 41, 00, E8, A8, FE, FF, FF, 90, 8D, B4, 26, 00, 00, 00, 00, 55, 8B, 0D, C4, 22, 41, 00, 89, E5, 5D, FF, E1, 8D, 74, 26, 00, 55, 8B, 0D, B0, 22, 41, 00, 89, E5, 5D, FF, E1, 90, 90, 90, 90, 55, BA, 80, 00, 00, 00, 89, E5, 57, 31, C0, 8D, BD, E8, FE, FF, FF, 56, 53, 81, EC, 1C, 01, 00, 00, 89, 54, 24, 08, 89, 44, 24, 04, 89, 3C, 24, E8, CF, 57, 00, 00, 89, 7C, 24, 04, C7, 04, 24, 18, 00, 00, 00, E8, 67, 0D, 00, 00, 85, C0, 0F, 84, 7C, 00, 00... 
[+]

Packer / compiler:

MingWin32

Code size:

23.5 KB (24,064 bytes)

The file ipclauncher.exe has been seen being distributed by the following URL.

http://auth.iplaycraft.ru/files/.../iPCLauncher.exe

Remove ipclauncher.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.