MiniIPBlocker.EXE

BeeThink Mini IP Blocker

BeeThink Software Research and Development Center

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘MINI IP Blocker’.
Publisher:
BeeThink SoftWare, Inc.  (signed by BeeThink Software Research and Development Center)

Product:
BeeThink Mini IP Blocker

Description:
Mini IP Blocker

Version:
1, 0, 0, 1

MD5:
b39f0b7e90b9b973db7f4fdb4e9fb175

SHA-1:
fd1383a5d7ba0d2473880305d7aa5408f36789f5

SHA-256:
2cf57f67b9b1d60d5a3bb444adcb40d15879a375fdd3a6c104f8a58bbf7ce073

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/28/2024 5:38:51 AM UTC  (today)

File size:
551.8 KB (565,032 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright (C) 2003-2011. BeeThink SoftWare, Inc. All rights reserved.

Trademarks:
BeeThink Mini IP Blocker is registered trademarks of BeeThink SoftWare, Inc.

Original file name:
MiniIPBlocker.EXE

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\ip blocker firewall 3.2\miniipblocker.exe

Digital Signature
Authority:
Thawte, Inc.

Valid from:
8/18/2014 4:00:00 AM

Valid to:
8/18/2016 3:59:59 AM

Subject:
CN=BeeThink Software Research and Development Center, OU=IT, O=BeeThink Software Research and Development Center, L=Xi'an, S=Shanxi, C=CN

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
167EAE8B86CE85E0E7E72FA1A0C288E1

File PE Metadata
Compilation timestamp:
3/3/2016 4:53:44 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:/671eyQcB6xIHWIjuVm6ohyymMctX2MhAn2JJO0aCnMld+UMouvVMIrDuKIjOOtU:y71IxIHREo4TMH2jo4MIrt4aUHwDXN

Entry address:
0xEC75

Entry point:
55, 8B, EC, 6A, FF, 68, 48, FE, 42, 00, 68, C0, 36, 41, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, BC, C2, 42, 00, 33, D2, 8A, D4, 89, 15, B4, D0, 43, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, B0, D0, 43, 00, C1, E1, 08, 03, CA, 89, 0D, AC, D0, 43, 00, C1, E8, 10, A3, A8, D0, 43, 00, 6A, 01, E8, 28, 35, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, C3, 00, 00, 00, 59, E8, 37, 32, 00, 00, 85, C0, 75, 08, 6A, 10, E8, B2, 00, 00, 00, 59, 33, F6, 89, 75...
 
[+]

Entropy:
5.9620

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
172 KB (176,128 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
MINI IP Blocker

Command:
C:\Program Files\ip blocker firewall 3.2\miniipblocker.exe


Scan MiniIPBlocker.EXE - Powered by Reason Core Security