home

tiraniumguard.exe

Tiranium AntiVirus Realtime Protection

Seven Alien Technologies

It runs as a scheduled task under the Windows Task Scheduler named tiranium triggered to execute each time a user logs in.
Publisher:
Seven Alien Technologies

Product:
Tiranium AntiVirus Realtime Protection

Version:
1.0.0.0

MD5:
b4171f9cbc8218ba9096f793f4812caf

SHA-1:
31b254d8f34bb5ada33c5a46d58340e92093f214

SHA-256:
a8467073b45b00c368c8ce1b6dea12a855c0d75a1d70ed19ed08e5802956eefa

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/20/2024 2:03:43 PM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
MSIL/Packed.Confuser (variant)
8.9776

Kaspersky
HEUR:Trojan.Win32.Generic
14.0.0.3893

File size:
1.5 MB (1,569,000 bytes)

Product version:
1.0.0.0

Copyright:
Copyright Seven Alien Technologies© 2014 TitaniumData Servfr Net

Trademarks:
Copyright Seven Alien Technologies© 2014 TitaniumData Servfr Net

Original file name:
250397104.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\tiranium antivirus\tiraniumguard.exe

File PE Metadata
Compilation timestamp:
12/9/2010 7:58:13 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
24576:lJa4lkIJwXzcR5is+Sya9RiRivZRK9Pa4LokTbGbMkoYPuNzGIC5D1e7OdW2a40A:lJ/lkIczcWshjisvbP4w8cD1e6kB4nNv

Entry address:
0x2E5E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
4 KB (4,096 bytes)

Scheduled Task
Task name:
tiranium

Trigger:
Logon (Runs on logon)


The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to static.85-10-200-135.clients.your-server.de  (85.10.200.135:80)

TCP (HTTP):
Connects to ns1.olympe.in  (178.32.167.243:80)

Scan tiraniumguard.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.