ipranges.exe

The executable ipranges.exe has been detected as malware by 26 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from dc194.2shared.com.
MD5:
fb216b2584aa8959f46681f9f8e09879

SHA-1:
567a877399f4be51a34e56445f74921643e53501

SHA-256:
a721fd5aa146d67c8b52d47f81f6e4466186a51a1346a1c33165bc2ba60d3afc

Scanner detections:
26 / 68

Status:
Malware

Analysis date:
11/5/2024 4:49:16 AM UTC  (today)

Scan engine
Detection
Engine version

Agnitum Outpost
Trojan.ArchSMS
7.1.1

Avira AntiVirus
TR/ArchSMS.jmag.1
7.11.104.60

AVG
FakeAV
2015.0.3346

Bitdefender
Trojan.Fakealert.52113
1.0.20.1310

Bkav FE
W32.Clod5bb.Trojan
1.3.0.4246

Comodo Security
UnclassifiedMalware
16993

Emsisoft Anti-Malware
Trojan.Fakealert.52113
8.14.09.19.03

F-Secure
Trojan.Fakealert.52113
11.2014-19-09_6

G Data
Trojan.Fakealert.52113
14.9.22

IKARUS anti.virus
Trojan.Win32.FakeAlert
t3scan.2.0.127

McAfee
Artemis!FB216B2584AA
5600.7002

MicroWorld eScan
Trojan.Fakealert.52113
15.0.0.786

Norman
Vir_Generic.JIV
11.20140919

Panda Antivirus
Generic Malware
14.09.19.03

Sophos
Mal/Generic-S
4.93

Trend Micro House Call
TROJ_GEN.R47B1E1
7.2.262

VIPRE Antivirus
Trojan.FakeAlert
21788

File size:
6.3 MB (6,590,464 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\ipranges.exe

File PE Metadata
Compilation timestamp:
12/5/2010 8:33:14 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
98304:jcmCBGjcVwuZq0e+LKA23vgRUcQOI5ejoD5+qQKFdu9HoU2DH1:K0uq4Gj1cB2IqQKFdu9n2DV

Entry address:
0x393BA0

Entry point:
E8, F4, 9D, 00, 00, E9, 16, FE, FF, FF, C3, B8, BA, E4, 79, 00, A3, 4C, 68, A4, 00, C7, 05, 50, 68, A4, 00, B6, DB, 79, 00, C7, 05, 54, 68, A4, 00, 74, DB, 79, 00, C7, 05, 58, 68, A4, 00, A8, DB, 79, 00, C7, 05, 5C, 68, A4, 00, 1E, DB, 79, 00, A3, 60, 68, A4, 00, C7, 05, 64, 68, A4, 00, 34, E4, 79, 00, C7, 05, 68, 68, A4, 00, 34, DB, 79, 00, C7, 05, 6C, 68, A4, 00, 9E, DA, 79, 00, C7, 05, 70, 68, A4, 00, 2D, DA, 79, 00, C3, E8, 9B, FF, FF, FF, E8, 4A, A9, 00, 00, 83, 7C, 24, 04, 00, A3, D0, B0, A4, 00, 74...
 
[+]

Code size:
4.1 MB (4,345,856 bytes)

The file ipranges.exe has been seen being distributed by the following URL.

Remove ipranges.exe - Powered by Reason Core Security