minecraft-launcher-by-dankej-v2.1w.exe

مادپجپععزءرےعسببمبءاجفعشبگجزن

نپہرےسچچبتوچناشطحدشءفجکقرعگجچ

The executable minecraft-launcher-by-dankej-v2.1w.exe, “بطنءادوپوندبرطپیسپسسلپامےلنزم”, has been detected as malware by 8 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from uloz.to.
Publisher:
نپہرےسچچبتوچناشطحدشءفجکقرعگجچ

Product:
مادپجپععزءرےعسببمبءاجفعشبگجزن

Description:
بطنءادوپوندبرطپیسپسسلپامےلنزم

Version:
66.47.68.34

MD5:
43b9723be9149ca56877b95d65e4921b

SHA-1:
6bf8cd884d0ed7ce80f97959239059d22199eae3

SHA-256:
197c9c3b68cc7f8644262dd12a5cc02503448fc58dc22c360fe54adc6b74f576

Scanner detections:
8 / 68

Status:
Malware

Analysis date:
11/26/2024 10:56:16 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| AegisLab AV Signature | Troj.W32.Gen.m0eI | 2.1.4+ |
| Baidu Antivirus | MSIL.Trojan.Injector | 4.0.3.16519 |
| ESET NOD32 | MSIL/Packed.RPX.A suspicious (variant) | 10.13514 |
| IKARUS anti.virus | Trojan.MSIL.RPX | t3scan.2.0.9.0 |
| K7 AntiVirus | Trojan | 13.225.19647 |
| Kaspersky | HEUR:Trojan.Win32.Generic | 14.0.0.186 |
| Malwarebytes | Backdoor.Agent.ASMGen | v2016.05.19.06 |
| Qihoo 360 Security | HEUR/QVM03.0.0000.Malware.Gen | 1.0.0.1120 |

File size:
216.5 KB (221,696 bytes)

Product version:
66.47.68.34

Copyright:
ینیطروےفتاتشمفلمرچاےشتہگکقءجہ

Trademarks:
زجکحجچرحگاحطقدےوشپرگدچجطحشنچ

Original file name:
Assembly Changer.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\minecraft-launcher-by-dankej-v2.1w.exe

File PE Metadata
Compilation timestamp:
5/19/2016 6:17:05 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:KwSUDqNfJu6KKNSgbZ7Xn+/xZ4MHRgbYLH0a8PSrkle7XBD2t:Kq4VNbbZ7MZ4vGH0gYKD2

Entry address:
0x37674

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
214 KB (219,136 bytes)

The file minecraft-launcher-by-dankej-v2.1w.exe has been seen being distributed by the following URL.
