home

minecraft launcher 1.6.4.exe

CHummer

New IT Limited

This is part of a bundled installer which provides applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The application minecraft launcher 1.6.4.exe, “Description is empty” by New IT Limited has been detected as adware by 21 anti-malware scanners. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent. It is also typically executed from the user's temporary directory.
Publisher:
Elit -e - Company  (signed by New IT Limited)

Product:
CHummer

Description:
Description is empty

Version:
3, 5, 13, 0

MD5:
8d4c41ecf61cb1dbbc4360f8df9107a0

SHA-1:
521a6e2a8a42a779d340ae6ab1f7c6d8ec937e6b

SHA-256:
cf4ea0ef153b7c094d6381a6e0e379aeed4490d7a7d6e7c5283deabcb2ac93a4

Scanner detections:
21 / 68

Status:
Adware

Analysis date:
11/24/2024 12:53:08 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Application.Bundler.Jaiks.244
817

Agnitum Outpost
PUA.4Shared
7.1.1

AVG
Generic
2015.0.3352

Bitdefender
Gen:Variant.Application.Bundler.Jaiks.244
1.0.20.1570

Dr.Web
Adware.Downware.2538
9.0.1.0257

ESET NOD32
Win32/4Shared.Y potentially unwanted application
8.7.0.302.0

F-Prot
W32/A-1ed09b26
v6.4.7.1.166

F-Secure
Gen:Variant.Application.Bundler
11.2014-10-11_2

G Data
Gen:Variant.Application.Bundler.Jaiks.244
14.11.24

herdProtect (fuzzy)
variant of المفاتيح العشرة للنجاح.exe (Adware)
2014.11.10.13

IKARUS anti.virus
PUA.4Shared
t3scan.1.7.8.0

K7 AntiVirus
Unwanted-Program
13.183.13504

McAfee
PUP-FNX
5600.6951

MicroWorld eScan
Gen:Variant.Application.Bundler.Jaiks.244
15.0.0.942

NANO AntiVirus
Trojan.Win32.4Shared.dfhejw
0.28.2.62286

Panda Antivirus
Trj/Genetic.gen
14.09.14.01

Reason Heuristics
PUP.NewITLimited.W
14.10.1.11

Sophos
4Share Downloader
4.98

SUPERAntiSpyware
PUP.4Shared/Variant
10246

VIPRE Antivirus
Threat.4150696
32938

Zillya! Antivirus
Backdoor.PePatch.Win32.44192
2.0.0.1934

File size:
543.7 KB (556,712 bytes)

Product version:
3, 5, 13, 0

Copyright:
2014

Trademarks:
No

Original file name:
DHelper

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\minecraft launcher 1.6.4.exe

Digital Signature
Signed by:
New IT Limited

Authority:
Starfield Technologies, Inc.

Valid from:
5/14/2014 8:00:04 PM

Valid to:
12/30/2016 3:33:53 PM

Subject:
CN=New IT Limited, O=New IT Limited, L=Nicosia, S=Nicosia, C=CY

Issuer:
CN=Starfield Secure Certificate Authority - G2, OU=http://certs.starfieldtech.com/repository/, O="Starfield Technologies, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
049768F7F19C91

File PE Metadata
Compilation timestamp:
9/5/2014 11:52:27 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
12288:lJBDn7/o5rrBb4pLmadg5rixchdwr3DXBu3a2:lnnDmCmaQGxc7u3DA

Entry address:
0x425D8

Entry point:
E8, 3A, BF, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 14, A1, 00, DE, 46, 00, 33, C5, 89, 45, FC, 53, 56, 33, DB, 57, 8B, F1, 39, 1D, BC, 0E, 47, 00, 75, 38, 53, 53, 33, FF, 47, 57, 68, D4, 1C, 46, 00, 68, 00, 01, 00, 00, 53, FF, 15, 94, C1, 45, 00, 85, C0, 74, 08, 89, 3D, BC, 0E, 47, 00, EB, 15, FF, 15, DC, C0, 45, 00, 83, F8, 78, 75, 0A, C7, 05, BC, 0E, 47, 00, 02, 00, 00, 00, 39, 5D, 14, 7E, 22, 8B, 4D, 14, 8B, 45, 10, 49, 38, 18, 74, 08, 40, 3B, CB, 75, F6, 83, C9, FF, 8B, 45, 14, 2B, C1...
 
[+]

Entropy:
6.6537

Code size:
361.5 KB (370,176 bytes)

Remove minecraft launcher 1.6.4.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.