internetport3.exe

internetport3

The application internetport3.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Product:
internetport3

Version:
1.0.2.0

MD5:
8dad0f255ba35cd6e19acbaf56e3a3c1

SHA-1:
31196d96757b6fb949569bb5cf079c8bbad8264a

SHA-256:
b1b48882739828f5160824f806db49ccf1b64c72ab4c60febc8b43202bee2f0f

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
7/23/2018 5:04:25 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
Adware.Dotdo.Meta (M)
16.4.24.12

File size:
6.5 KB (6,656 bytes)

Product version:
1.0.2.0

Copyright:
Copyright ©2013 Telerik

Original file name:
internetport3.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

File PE Metadata
Compilation timestamp:
3/4/2014 11:03:22 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
96:Pfmxu7xQMdulEdCC869XpTlCD2wG2FBc0B2pBIKBXzNt:HN7xJ1dr86JVADJgh

Entry address:
0x2EBE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
4.3980

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
4 KB (4,096 bytes)

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to ec2-54-208-30-101.compute-1.amazonaws.com  (54.208.30.101:80)

TCP (HTTP):
Connects to web13.talk4free.com  (216.234.76.160:80)

TCP (HTTP):
Connects to msnbot-65-52-108-27.search.msn.com  (65.52.108.27:80)

TCP (HTTP):
Connects to ec2-107-21-218-112.compute-1.amazonaws.com  (107.21.218.112:80)

TCP (HTTP):
Connects to cds63.iad9.msecn.net  (65.54.81.66:80)

TCP (HTTP):

TCP (HTTP):

TCP (HTTP):

TCP (HTTP):

TCP (HTTP):
Connects to a184-51-126-57.deploy.static.akamaitechnologies.com  (184.51.126.57:80)

TCP (HTTP):
Connects to a184-51-126-51.deploy.static.akamaitechnologies.com  (184.51.126.51:80)

TCP (HTTP):
Connects to a184-51-126-33.deploy.static.akamaitechnologies.com  (184.51.126.33:80)

TCP (HTTP):
Connects to a184-51-126-19.deploy.static.akamaitechnologies.com  (184.51.126.19:80)

TCP (HTTP):
Connects to 173.192.200.70-static.reverse.softlayer.com  (173.192.200.70:80)

Remove internetport3.exe - Powered by Reason Core Security