home

qipsurf.exe

QIP Surf

OOO Media Mir

Publisher:
Media Mir  (signed by OOO Media Mir)

Product:
QIP Surf

Version:
27.14.1453.94

MD5:
3cbc51050252334ad1598db62ec34d46

SHA-1:
72b1adb574d477c120b15fea0f4cef229954e8f4

SHA-256:
a86bf644374827c7714b986fbdad10311822984bbd91c87c03e1b53232ead76e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 2:32:01 AM UTC  (today)

File size:
813.8 KB (833,368 bytes)

Product version:
27.14.1453.94

Copyright:
Copyright (C) 2006-2013 The QIP Surf and Chromium Authors. All Rights Reserved.

Original file name:
qipsurf.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\qip surf\qipsurf.exe

Digital Signature
Signed by:
OOO Media Mir

Authority:
Thawte, Inc.

Valid from:
9/27/2013 4:00:00 AM

Valid to:
10/11/2015 3:59:59 AM

Subject:
CN=OOO Media Mir, O=OOO Media Mir, L=Moscow, S=RU, C=RU

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
1228C480B2682E3731160279C2F73FCE

File PE Metadata
Compilation timestamp:
2/11/2014 10:25:37 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:SUP3HXOXLoKw4D7zrkF1xYXZIIiGxmRkLk9PlU0E7E03nuFA+k4NWzYT2t0fz+w/:SUP3G2d9Wt/Gfz+wH7kpk7OjrCF8m

Entry address:
0x50B9C

Entry point:
E8, 85, 94, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 51, 53, 56, 8B, 35, 74, C2, 46, 00, 57, FF, 35, 54, C0, 49, 00, FF, D6, FF, 35, 50, C0, 49, 00, 8B, D8, 89, 5D, FC, FF, D6, 8B, F0, 3B, F3, 0F, 82, 81, 00, 00, 00, 8B, FE, 2B, FB, 8D, 47, 04, 83, F8, 04, 72, 75, 53, E8, DB, 94, 00, 00, 8B, D8, 8D, 47, 04, 59, 3B, D8, 73, 48, B8, 00, 08, 00, 00, 3B, D8, 73, 02, 8B, C3, 03, C3, 3B, C3, 72, 0F, 50, FF, 75, FC, E8, 54, 49, 00, 00, 59, 59, 85, C0, 75, 16, 8D, 43, 10, 3B, C3, 72, 3E, 50, FF, 75, FC, E8...
 
[+]

Code size:
428 KB (438,272 bytes)

Shell Open Command
Open type:
ftp

Command:
"C:\users\{user}\appdata\local\qip surf\qipsurf.exe" -- "%1"


The file qipsurf.exe has been discovered within the following program.

QIP Surf  by qip.ru
qip.ru
About 3% of users remove it
 
Powered by Should I Remove It?

Scan qipsurf.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.