home

mcserverpanel.exe

McServerPanelUpdater

BlueJelly

Publisher:
BlueJelly

Product:
McServerPanelUpdater

Version:
1.0.0.0

MD5:
9ae9fecc19621a85643cdd2f0a4aba63

SHA-1:
c8e9df77b9ddd72466cfede03070e796e6ea0cd7

SHA-256:
2dac441d462436f6738b9d689e8d642b613e81dd410e0b21ce624e24913aa0bb

Scanner detections:
5 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/24/2024 12:51:17 AM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Malware-gen
2014.9-150430

IKARUS anti.virus
Trojan.Rogue
t3scan.1.8.9.0

K7 AntiVirus
Riskware
13.202.15600

McAfee
Artemis!9AE9FECC1962
5600.6780

Norman
Suspicious_Gen2.WAQLN
11.20150430

File size:
83 KB (84,992 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2014

Original file name:
McServerPanelUpdater.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\mcserverpanel.exe

File PE Metadata
Compilation timestamp:
10/19/2014 11:16:45 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
1536:4GI3Gx1gaqMuWYa2fTu7Ota2q263GEKBvgkt0ri9JT4NfGi9TkgFXPy:4VJaq3WYJfS7Oro3GEKBvgDri9J4NOio

Entry address:
0x12F5E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.3495

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
68 KB (69,632 bytes)

The file mcserverpanel.exe has been seen being distributed by the following 3 URLs.

http://dl.mod-minecraft.net/download2.php?a=9ae9fecc19621a85643cdd2f0a4aba63&b=c5f0b75c7bb8b0a2ad342f71159cc21d

http://www.dl3.5minecraft.net/download2.php?a=9ae9fecc19621a85643cdd2f0a4aba63&b=70b49e1e9999c526fc1c99eb98770525

http://dl.mod-minecraft.net/download2.php?a=9ae9fecc19621a85643cdd2f0a4aba63&b=ab10345cc2579f0f3408fccd01aea009

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):
Connects to ec2-34-192-120-26.compute-1.amazonaws.com  (34.192.120.26:80)

Scan mcserverpanel.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.