minecraft_game_downloader.exe

Daninomoli

File Validated

This is the InstallMetrix bundle installer, which bundles applications with offers for additional third-party software, mostly unwanted adware, and which may be installed with minimal consent. The application minecraft_game_downloader.exe, "Daninomoli Setup" by File Validated, has been detected as adware by 1 anti-malware scanner, with very strong indications that the file is a potential threat. The program is a setup application that uses the InstallMetrix Software installer. The setup program uses the InstallCore engine, which may bundle additional software offers including toolbars and browser extensions. Users of this installer expect to download Minecraft, but before that happens they may be presented with additional offers, mostly potentially unwanted software or adware.
Publisher:
File Validated  (signed and verified)

Product:
Daninomoli

Description:
Daninomoli Setup

Version:
1.8.4.7

MD5:
65c52a7761f7c4e7f14d11c1d7d7ba06

SHA-1:
cd58e2933f505b679a59d04813be412bc88a55aa

SHA-256:
194579d616904ead20d592ce633bc08dbd5ddaccd81050da9e15226eddb5e95d

Scanner detections:
1 / 68

Status:
Adware

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Description:
This is also known as bundleware, or downloadware: a downloader designed simply to deliver ad-supported offers in the setup routine of otherwise legitimate software.

Analysis date:
11/16/2024 6:37:15 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.InstallCore (M)

Engine version:
17.3.15.9

File size:
1.4 MB (1,504,496 bytes)

Product version:
3.5

Copyright:
Installer

File type:
Executable application (Win32 EXE)

Bundler/Installer:
InstallMetrix Software (using Inno Setup)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\minecraft_game_downloader.exe

Digital Signature
Signed by:

Authority:
thawte, Inc.

Valid from:
4/27/2016 7:00:00 PM

Valid to:
4/28/2017 6:59:59 PM

Subject:
CN=File Validated, OU=IT, O=File Validated, L=San Francisco, S=California, C=US

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
1C4E868160FF518C1903798F12C91A6B

File PE Metadata
Compilation timestamp:
6/19/1992 5:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0xA5F8

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55...
 

Entropy:
7.9884

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
39.5 KB (40,448 bytes)

The file minecraft_game_downloader.exe has been seen being distributed from the following URL.

http://www.downloadconceptscurrent.com/BIlr9wwKr0MYMzli9DMEeQyjUu Vb3OyJLrNtN34AqFXAnrVkEjwLo3fjwilQU6xQfB m27EnTnMGT3BCH4077tFKZfHw4osdzvnCYyRQlqmk8GrA2fWEtVaL4yLfyeBAWVwKR2ZIBJkDuRPWsIxw7hGtOh3KvJpYevFkEEQPI3cMfKGVC iIW72nYA4mQN3UhG4AQn NIaqbDyvH6jBslP5gFwVhecWGTgZuGo0zvYSr4QksxD2PKGBSj6b1TuJYtXg37bE7B_Au7HcYoGYwPnSPLKhRD kwXnGNAuffPIvzu4 q4vg9__xSwdC72iXHw3JWg239UdHmnzjw2t5Y2SUTZoKBQs5XLlgANCD9WOV55UReFX9_ _A87L4wV_wY2nxA01hbRiccFT60zro8p_ykf36Tw17H05urZ03V9M_sgFPDCtf96NioBB F9CdFek0DshAN_au5g7q8BdAiioGkgIDE9CHgwZhDpWco1WicnXqupLbD5h5xAEtgg69 SyTKufYdUBVhRdJIPZMsyOYNm0IjzymNhOlG9GIYU530k7V4UkCJlTQTukbPwtWLtChB5ZWT2oYXlFUH2eaUsLSFOnMaK0EZBjR0sBYZE4DrYB_ZUIOuCiTKTCKl2Zxek_PCoRq8nraIoSOdOV7sT4PUiJ2iQ==-G1UAAMTfZj9Or wnuE2RaRBExMGBQw4cvgcsgQTBxhieLUIv17juCZtB_2vHzfNIwW19X6SlMng5WEpBSs5QngxiaTaIWs0S9329Mw==
