iptray.exe

gred AntiVirus アクセラレータ

Immunet Corporation

It is set to execute automatically when any user logs into Windows, through a Run registry entry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run) named ‘Immunet Protect’.

Publisher:
securebrain  (signed by Immunet Corporation)

Product:
gred AntiVirus アクセラレータ

Description:
gred AntiVirus アクセラレータ Tray Client

Version:
1, 0, 27, 11

MD5:
7e3cf24e1c2c44974ac904a0f750b8f9

SHA-1:
4c4b2df20a53fc9f7dc090998ce8abea2b15e40b

SHA-256:
aeeb3a9e4d9d3b602a56fa15b575e1e2610f7faa976a7df82574431161d63216

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 6:38:34 PM UTC  (today)

File size:
1.2 MB (1,296,176 bytes)

Product version:
1, 0, 27, 11

Copyright:
(c) Immunet. All rights reserved.

Original file name:
iptray.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\securebrain\gred av accelerator\1.0.26\iptray.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
12/1/2011 9:00:00 AM

Valid to:
12/1/2012 8:59:59 AM

Subject:
CN=Immunet Corporation, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Immunet Corporation, L=San Mateo, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
158E495297A3FD34ADD5A30E20C33C76

File PE Metadata
Compilation timestamp:
12/14/2011 2:19:54 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:dt42hFE5eSVBi4xw8jY19h0Vf2QcJhsannZtTzuLqHjC0ZCBm:d/Gkc84nUbhEfgJSann3zMqDvZ

Entry address:
0x3830F0

Entry point:
60, BE, 00, C0, 64, 00, 8D, BE, 00, 50, DB, FF, 57, EB, 0B, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89, C5, EB, 0B, 01, DB, 75, 07, 8B...
 

Entropy:
7.9129

Packer / compiler:
UPX v0.89.6 - v1.02 / v1.05 - v1.24

Code size:
1.2 MB (1,277,952 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Immunet Protect

Command:
"C:\Program Files\securebrain\gred av accelerator\1.0.26\iptray.exe"

