» ipranges.exe
Overview
Analysis
File Details
Downloads (1)

ipranges.exe

The executable ipranges.exe has been detected as malware by 26 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from dc194.2shared.com.

File name:

ipranges.exe

MD5:

fb216b2584aa8959f46681f9f8e09879

SHA-1:

567a877399f4be51a34e56445f74921643e53501

SHA-256:

a721fd5aa146d67c8b52d47f81f6e4466186a51a1346a1c33165bc2ba60d3afc

Scanner detections:

26 / 68

Status:

Malware

Analysis date:

11/5/2024 4:49:16 AM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

Trojan.ArchSMS

7.1.1

Avira AntiVirus

TR/ArchSMS.jmag.1

7.11.104.60

AVG

FakeAV

2015.0.3346

Bitdefender

Trojan.Fakealert.52113

1.0.20.1310

Bkav FE

W32.Clod5bb.Trojan

1.3.0.4246

Comodo Security

UnclassifiedMalware

16993

Emsisoft Anti-Malware

Trojan.Fakealert.52113

8.14.09.19.03

F-Secure

Trojan.Fakealert.52113

11.2014-19-09_6

G Data

Trojan.Fakealert.52113

14.9.22

IKARUS anti.virus

Trojan.Win32.FakeAlert

t3scan.2.0.127

McAfee

Artemis!FB216B2584AA

5600.7002

MicroWorld eScan

Trojan.Fakealert.52113

15.0.0.786

Norman

Vir_Generic.JIV

11.20140919

Panda Antivirus

Generic Malware

14.09.19.03

Sophos

Mal/Generic-S

4.93

Trend Micro House Call

TROJ_GEN.R47B1E1

7.2.262

VIPRE Antivirus

Trojan.FakeAlert

21788

File size:

6.3 MB (6,590,464 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\ipranges.exe

File PE Metadata

Compilation timestamp:

12/5/2010 8:33:14 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

CTPH (ssdeep):

98304:jcmCBGjcVwuZq0e+LKA23vgRUcQOI5ejoD5+qQKFdu9HoU2DH1:K0uq4Gj1cB2IqQKFdu9n2DV

Entry address:

0x393BA0

Entry point:

E8, F4, 9D, 00, 00, E9, 16, FE, FF, FF, C3, B8, BA, E4, 79, 00, A3, 4C, 68, A4, 00, C7, 05, 50, 68, A4, 00, B6, DB, 79, 00, C7, 05, 54, 68, A4, 00, 74, DB, 79, 00, C7, 05, 58, 68, A4, 00, A8, DB, 79, 00, C7, 05, 5C, 68, A4, 00, 1E, DB, 79, 00, A3, 60, 68, A4, 00, C7, 05, 64, 68, A4, 00, 34, E4, 79, 00, C7, 05, 68, 68, A4, 00, 34, DB, 79, 00, C7, 05, 6C, 68, A4, 00, 9E, DA, 79, 00, C7, 05, 70, 68, A4, 00, 2D, DA, 79, 00, C3, E8, 9B, FF, FF, FF, E8, 4A, A9, 00, 00, 83, 7C, 24, 04, 00, A3, D0, B0, A4, 00, 74... 
[+]

Code size:

4.1 MB (4,345,856 bytes)

The file ipranges.exe has been seen being distributed by the following URL.

http://dc194.2shared.com/download/.../IPRanges.exe

Remove ipranges.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.