home

IPExVB.dll

IPExVB

Max Secure Software India Pvt. Ltd.

The module IPExVB.dll by Max Secure Software India Pvt has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Max Secure Software  (signed by Max Secure Software India Pvt. Ltd.)

Product:
IPExVB

Version:
2, 0, 0, 17

MD5:
d4b6db4eb741664f9db4c7f7299890f4

SHA-1:
41d1b01270fc922c66c5ef306f8e776196b43f15

SHA-256:
42bc10a730a1d1e2a448654498e630be5128434c99cdd35c21009385957a610c

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/25/2024 11:07:40 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.MaxSecure.Optional.Meta (L)
16.2.9.13

File size:
883.9 KB (905,136 bytes)

Product version:
2, 0, 0, 2

Copyright:
(c)Max Secure Software. All rights reserved.

Original file name:
IPExVB.dll

File type:
Dynamic link library (Win32 DLL)

Language:
Language Neutral

Common path:
C:\Program Files\max pc booster\ipexvb.dll

Digital Signature
Signed by:
Max Secure Software India Pvt. Ltd.

Authority:
GlobalSign nv-sa

Valid from:
7/3/2009 2:19:56 PM

Valid to:
7/4/2010 2:19:50 PM

Subject:
E=tech@maxpcsecure.com, CN=Max Secure Software India Pvt. Ltd., OU=Opertaions, O=Max Secure Software India Pvt. Ltd., L=Pune, S=MH, C=IN

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
010000000001224089724D

Registration
CLSIDs:
{0F770852-A82B-4642-BA37-A856A605AF73}, {1039E24B-3B74-4AA6-BA0C-134E4250AC12}, {27208D3D-CFAA-4372-96A6-E5BC6C7F655D}, {2DBAEC01-0BA2-4991-A1F4-FC0585227548}, {3DD6E37C-E209-4AD7-8699-1535F757DF5A}, {5AB344BC-3B5F-42E3-BEB6-89F615CC5008}

ProgIDs:
EKMail.EKMail.1, EKMode.EKMode.1, EKChat.EKChat.1, EKSecurity.EKSecurity.1, EKWindows.EKWindows.1, EKRestriction.EKRestriction.1, EKInternetExplorer.EKInternetExplorer.1, PopUp.PopUp.1, EKCustom.EKCustom.1, EKMisc.EKMisc.1, CEKOpera.CEKOpera.1

COM registered:
Yes

File PE Metadata
Compilation timestamp:
12/21/2009 6:25:03 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
24576:HfpLJWJRntxCR+c+SKR2rc5i5dii1w6W6fdweuCKWJ1fJydbvnb1gWpriB6/:KSWGnfd7WWJTGLKWr66/

Entry address:
0x4E5D9

Entry point:
6A, 0C, 68, 88, 42, FC, 60, E8, EF, B4, FF, FF, 33, C0, 40, 89, 45, E4, 8B, 75, 0C, 33, FF, 3B, F7, 75, 0C, 39, 3D, 5C, 02, FE, 60, 0F, 84, B3, 00, 00, 00, 89, 7D, FC, 3B, F0, 74, 05, 83, FE, 02, 75, 31, A1, D0, BD, FD, 60, 3B, C7, 74, 0C, FF, 75, 10, 56, FF, 75, 08, FF, D0, 89, 45, E4, 39, 7D, E4, 0F, 84, 85, 00, 00, 00, FF, 75, 10, 56, FF, 75, 08, E8, 22, FE, FF, FF, 89, 45, E4, 3B, C7, 74, 72, 8B, 5D, 10, 53, 56, FF, 75, 08, E8, 8B, 47, FF, FF, 89, 45, E4, 83, FE, 01, 75, 0E, 3B, C7, 75, 0A, 53, 57, FF...
 
[+]

Entropy:
6.6211

Developed / compiled with:
Microsoft Visual C++ v7.1

Code size:
584 KB (598,016 bytes)

Remove IPExVB.dll - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.