home

switchip.exe

Microsoft Systems Management Server Installer

Microsoft Corporation

This is a self-extracting archive and installer. The file has been seen being downloaded from download.dodear.com.
Publisher:
Microsoft Corporation

Product:
Microsoft Systems Management Server Installer

Version:
2.0.92.0

MD5:
df7f6fa63aaf63e877abbf86129d2cc7

SHA-1:
02b4ea9a592eadb9a908a3789610269d2446557d

SHA-256:
60594fc314e5f6755c20032dc173dc1637cfa1f8008314cde94d7c3538e5dbf9

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 12:39:11 AM UTC  (today)

File size:
594.6 KB (608,869 bytes)

Product version:
2.0.92.0

Copyright:
Copyright (C) Microsoft Corp. 1997-2001

Original file name:
Stub.exe

File type:
Executable application (Win16 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\programs\softwares\switchip.exe

File PE Metadata
OS version:
82.13293

OS bitness:
Win16

Subsystem:
Windows GUI

Linker version:
2.0

CTPH (ssdeep):
12288:mjeezQ7YjJSQf2sBsl0NMTDiGLtbw+4gWkCLKDQDU6vYR2W4sg5Lp:5e/jJ8sBgliUtbw+4gWZ2+w14B5l

Entry address:
0xDA00D2

Entry point:
4D, 5A, B4, 00, 03, 00, 00, 00, 20, 00, 00, 00, FF, FF, 07, 00, 00, 01, 65, 40, 00, 00, 00, 00, 40, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 04, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.9928  (probably packed)

Code size:
256 KB (262,146 bytes)

The file switchip.exe has been seen being distributed by the following URL.

http://download.dodear.com/Network.Tools/.../SwitchIp.exe

Scan switchip.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.