home

iptray.exe

gred AntiVirus アクセラレータ

Immunet Corporation

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Immunet Protect’.
Publisher:
securebrain  (signed by Immunet Corporation)

Product:
gred AntiVirus アクセラレータ

Description:
gred AntiVirus アクセラレータ Tray Client

Version:
1, 0, 26, 10

MD5:
4dd469451dfc78e0c74831365a325c2b

SHA-1:
34536b2270199076e34e78cd0c71d253486dc1bd

SHA-256:
dee89aec002d39fe033d6666ef11d7c5b80a3980e158347ca7f0eed6ec638eb3

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/10/2024 9:54:06 PM UTC  (today)

File size:
1.2 MB (1,292,616 bytes)

Product version:
1, 0, 26, 10

Copyright:
(c) Immunet. All rights reserved.

Original file name:
iptray.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\securebrain\gred av accelerator\1.0.26\iptray.exe

Digital Signature
Signed by:
Immunet Corporation

Authority:
VeriSign, Inc.

Valid from:
8/5/2009 9:00:00 AM

Valid to:
8/19/2010 8:59:59 AM

Subject:
CN=Immunet Corporation, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Immunet Corporation, L=Woodside, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1E44683E8FD5C1E39485DE558E877779

File PE Metadata
Compilation timestamp:
3/2/2010 4:19:02 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:mUgofFY7KKddMDXIOE8P/uMISe57mRP+P1s9WXaZmcuC/xkiYgLC:mSMKqODbHuJzQUPq9REcuCRYgLC

Entry address:
0x383E10

Entry point:
60, BE, 00, D0, 64, 00, 8D, BE, 00, 40, DB, FF, 57, EB, 0B, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89, C5, EB, 0B, 01, DB, 75, 07, 8B...
 
[+]

Entropy:
7.9127

Packer / compiler:
UPX v0.89.6 - v1.02 / v1.05 -v1.24

Code size:
1.2 MB (1,277,952 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Immunet Protect

Command:
"C:\Program Files\securebrain\gred av accelerator\1.0.26\iptray.exe"


Scan iptray.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.