home

mirc.exe

mIRC

mIRC Co. Ltd.

Publisher:
mIRC Co. Ltd.

Product:
mIRC

Description:
mIRC by BLueCode

Version:
7.32.0.0

MD5:
49681bb47eabb616e677845b1a9a66e1

SHA-1:
78fa794c6eb666975114f7bd5ea32a872c932e51

SHA-256:
cbd1b4d5e2dcff27dea8d703acda172382cfcd12b93651fee755ad217860d7ee

Scanner detections:
4 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/19/2024 12:07:18 AM UTC  (today)

Scan engine
Detection
Engine version

Baidu Antivirus
Adware.Win32.Agent
4.0.3.151219

Kaspersky
not-a-virus:Client-IRC.Win32.mIRC
14.0.0.949

Quick Heal
Client-IRC.mIRC.g5 (Not a Virus)
12.15.14.00

Zillya! Antivirus
Trojan.Agent.Win32.588118
2.0.0.2570

File size:
3.2 MB (3,311,156 bytes)

Product version:
7.32

Copyright:
Copyright © 1995-2013 mIRC Co. Ltd.

Trademarks:
mIRC® is a Registered Trademark of mIRC Co. Ltd.

Original file name:
mirc.exe

File type:
Executable application (Win32 EXE)

Language:
Italian (Italy)

File PE Metadata
Compilation timestamp:
5/23/2013 4:18:26 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:UOQrHKbQCnxoqO2tUUPkRQ74f4bB42HiT1Y/b6m:UO+KbQKoqO2t30N2Cab6m

Entry address:
0x1FECE7

Entry point:
E8, 61, 53, 01, 00, E9, 79, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 4C, 24, 04, F7, C1, 03, 00, 00, 00, 74, 24, 8A, 01, 83, C1, 01, 84, C0, 74, 4E, F7, C1, 03, 00, 00, 00, 75, EF, 05, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8B, 01, BA, FF, FE, FE, 7E, 03, D0, 83, F0, FF, 33, C2, 83, C1, 04, A9, 00, 01, 01, 81, 74, E8, 8B, 41, FC, 84, C0, 74, 32, 84, E4, 74, 24, A9, 00, 00, FF, 00, 74, 13, A9, 00, 00, 00, FF, 74, 02, EB, CD, 8D, 41, FF, 8B...
 
[+]

Code size:
2.1 MB (2,225,664 bytes)

The file mirc.exe has been discovered within the following program.

mIRC  by mIRC Co. Ltd.
Publisher's description - “mIRC is a full featured Internet Relay Chat client for Windows that can be used to communicate, share, play or work with others on IRC networks around the world, either in multi-user group conferences or in one-to-one private discussions.”
11% remove it
 
Powered by Should I Remove It?

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to ns229.altervista.org  (148.251.49.46:80)

TCP:
Connects to ip164.ip-91-134-187.eu  (91.134.187.164:6667)

TCP:
Connects to ns376276.ip-5-135-177.eu  (5.135.177.107:6667)

TCP:
Connects to ip157.ip-91-134-187.eu  (91.134.187.157:6667)

TCP:
Connects to 81-55-15-51.rev.cloud.scaleway.com  (51.15.55.81:58255)

TCP:
Connects to ns333596.ip-176-31-114.eu  (176.31.114.25:35717)

TCP:
Connects to convoking.manogahndi.com  (23.249.161.7:6667)

TCP (HTTP):
Connects to 100.ip-37-187-177.eu  (37.187.177.100:80)

TCP (HTTP):
Connects to 03.infinityshell.org  (94.23.156.66:80)

TCP:
Connects to ip159.ip-91-134-187.eu  (91.134.187.159:6667)

TCP:
Connects to ns333743.ip-37-187-127.eu  (37.187.127.147:52548)

TCP:
Connects to ip158.ip-91-134-187.eu  (91.134.187.158:6667)

TCP:
Connects to ns330762.ip-37-187-120.eu  (37.187.120.76:6667)

TCP:
Connects to host.colocrossing.com  (23.95.113.151:6667)

TCP:
Connects to ns351884.ip-91-121-72.eu  (91.121.72.150:6667)

TCP:
Connects to ks3094111.kimsufi.com  (91.121.202.150:6667)

TCP:
Connects to ip123.ip-164-132-140.eu  (164.132.140.123:6667)

TCP:
Connects to 212-129-47-174.rev.poneytelecom.eu  (212.129.47.174:6667)

TCP:
Connects to 195-154-8-16.rev.poneytelecom.eu  (195.154.8.16:6667)

TCP:
Connects to world.globalirc.it  (51.255.90.189:6667)

Scan mirc.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.