minecraft version changer.exe

Minecraft Version Changer

http://mvc.craften.de

The executable minecraft version changer.exe has been detected as malware by 11 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from download1155.mediafire.com. While running, it connects to the Internet address static.42.69.76.144.clients.your-server.de on port 80 using the HTTP protocol.
Publisher:
http://mvc.craften.de

Product:
Minecraft Version Changer

Version:
3.1.4801.36268

MD5:
a8c692baa1dd7c48461978aee53a0469

SHA-1:
c2b77550b80b73c9d44fee3280e5682009c11d69

SHA-256:
8ccf10b9f45f79606722a7457feed1fde59d1206ffb5fea02df93f135178f1b0

Scanner detections:
11 / 68

Status:
Malware

Analysis date:
11/16/2024 1:52:48 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Trojan.Generic.11164840
1020

avast!
Win32:Dropper-gen [Drp]
2014.9-140420

Bitdefender
Trojan.Generic.11164840
1.0.20.550

Dr.Web
Trojan.DownLoader9.50052
9.0.1.0110

Emsisoft Anti-Malware
Trojan.Generic.11164840
8.14.04.20.02

F-Secure
Trojan.Generic.11164840
11.2014-20-04_1

G Data
Trojan.Generic.11164840
14.4.24

IKARUS anti.virus
Trojan.SuspectCRC
t3scan.1.6.1.0

McAfee
Artemis!A8C692BAA1DD
5600.7154

MicroWorld eScan
Trojan.Generic.11164840
15.0.0.330

nProtect
Trojan.Generic.11164840
14.04.10.02

File size:
2.6 MB (2,754,048 bytes)

Product version:
3.1.4801.36268

Copyright:
Copyright © 2012-2013 by craften.de + Maik

Original file name:
Minecraft Version Changer[WPF].exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\minecraft version changer.exe

File PE Metadata
Compilation timestamp:
2/22/2013 8:08:56 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
49152:l3bS4mzcvxD+pf46OxiwjHjl8o6M+bS4mzc9z:l3lmIZD+pf465w7jl8oT+lmI9z

Entry address:
0x2888EE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
2.5 MB (2,648,576 bytes)

The file minecraft version changer.exe has been seen being distributed by the following URL.

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to static.42.69.76.144.clients.your-server.de  (144.76.69.42:80)

TCP (HTTP):
Connects to www.turktelekom.com.tr  (195.175.114.91:80)

TCP (HTTP):
Connects to a2-16-4-154.deploy.akamaitechnologies.com  (2.16.4.154:80)

Remove minecraft version changer.exe - Powered by Reason Core Security