minecraft3.0.exe

stub

The executable minecraft3.0.exe has been detected as malware by 16 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from dc461.4shared.com.
Product:
stub

Version:
1.0.0.0

MD5:
ba34dee6059a2dfac954650bbfacb467

SHA-1:
45b9b53aa04b34f30052cf741aca656a8cc8e8b4

SHA-256:
d87000f4663a9403649b9b87c888cd11d5808ca4d1671e45b495403ed7176826

Scanner detections:
16 / 68

Status:
Malware

Explanation:
The software contains keystroke monitoring/logging capabilities which may or may not be installed without the user's knowledge.

Analysis date:
12/25/2024 4:17:01 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Avira AntiVirus | TR/Dropper.Gen | 8.3.1.6 |
| avast! | Win32:GenMaliciousA-COX [Trj] | 2014.9-160715 |
| AVG | Luhe.MalMSIL.C | 2017.0.2682 |
| Baidu Antivirus | Trojan.MSIL.Keylogger | 4.0.3.16715 |
| ESET NOD32 | MSIL/Spy.Keylogger.NE (variant) | 10.11942 |
| Fortinet FortiGate | W32/Generic.AV!tr | 7/15/2016 |
| IKARUS anti.virus | Trojan-Spy.MSIL | t3scan.1.9.5.0 |
| K7 AntiVirus | Backdoor | 13.206.16567 |
| Kaspersky | HEUR:Trojan.Win32.Generic | 14.0.0.-96 |
| NANO AntiVirus | Trojan.Win32.Agent2.ddtgke | 0.30.24.2487 |
| Panda Antivirus | Trj/Sharik.B | 16.07.15.05 |
| Qihoo 360 Security | HEUR/QVM03.0.Malware.Gen | 1.0.0.1015 |
| Rising Antivirus | PE:Trojan.Win32.Generic.18E27E6B!417496683 | 23.00.65.16713 |
| Sophos | Mal/MSIL-AV | 4.98 |
| Trend Micro | TROJ_GEN.R011C0RGF15 | 10.465.15 |
| VIPRE Antivirus | Trojan.Win32.Generic.pak!cobra | 42020 |

File size:
213.5 KB (218,666 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2012

Original file name:
stub.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\minecraft3.0.exe

File PE Metadata
Compilation timestamp:
4/27/2012 7:54:29 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:jRaE+uEmBSzo73pPHkqIT3333Hru+8j1GuOsn3cWgcuGKAVF:9aF9mBf73n+IJEmVF

Entry address:
0x581E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
14.5 KB (14,848 bytes)

The file minecraft3.0.exe has been seen being distributed by the following URL.
