mirc.exe

Sekershell mIRC

Publisher:
Sekershell mIRC

Product:
Sekershell mIRC

Description:
Sekershell.Com - Sekershell mIRC

Version:
6.35

MD5:
b469e44a0d4a09004e4c56d59670d38a

SHA-1:
0bacfef5e754a95e650b35e52f0046efec59d8fb

SHA-256:
467082ba0cb2d70e145be326b305562c24b3f0f5ee3fba368a2922900868b148

Scanner detections:
3 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/25/2024 3:03:39 PM UTC

Scan engine | Detection | Engine version
avast! | Win32:Mirc-Z [PUP] | 2014.9-151018
Clam AntiVirus | Win.Worm.Agent-275 | 0.98/21511
K7 AntiVirus | Riskware | 13.210.17525

File size:
2.7 MB (2,856,448 bytes)

Product version:
6.35

Copyright:
Copyright © 2006-2014 Sekershell.Com

Trademarks:
www.sekershell.com

Original file name:
mirc.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

File PE Metadata
Compilation timestamp:
10/17/2008 11:39:51 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.0

CTPH (ssdeep):
49152:HijBLIbeHeRJMmhVZFoF4OAsnbR7XTXP62:HSdIbtUmh/20s9P62

Entry address:
0x1DF5DD

Entry point:
6A, 60, 68, A8, B2, 60, 00, E8, 0F, 05, 00, 00, BF, 94, 00, 00, 00, 8B, C7, E8, 9B, A3, FF, FF, 89, 65, E8, 8B, F4, 89, 3E, 56, FF, 15, 64, 41, 5F, 00, 8B, 4E, 10, 89, 0D, 08, 1D, 6B, 00, 8B, 46, 04, A3, 14, 1D, 6B, 00, 8B, 56, 08, 89, 15, 18, 1D, 6B, 00, 8B, 76, 0C, 81, E6, FF, 7F, 00, 00, 89, 35, 0C, 1D, 6B, 00, 83, F9, 02, 74, 0C, 81, CE, 00, 80, 00, 00, 89, 35, 0C, 1D, 6B, 00, C1, E0, 08, 03, C2, A3, 10, 1D, 6B, 00, 33, F6, 56, 8B, 3D, 78, 42, 5F, 00, FF, D7, 66, 81, 38, 4D, 5A, 75, 1F, 8B, 48, 3C, 03...
 

Developed / compiled with:
Microsoft Visual C++ v7.0

Code size:
1.9 MB (2,042,880 bytes)

The executing file has been seen to make the following network communications in live environments.


Scan mirc.exe - Powered by Reason Core Security