» minecraft_setup.exe
Overview
Analysis
File Details
Downloads (1)

minecraft_setup.exe

Minecraft Installer

Secure Installer

The application minecraft_setup.exe, “Deploy Minecraft along with various offers” by Secure Installer has been detected as a potentially unwanted program by 3 anti-malware scanners. The file has been seen being downloaded from software.downloadinfo.co a known adware distribution point operated by Downloadinfo.

File name:

minecraft_setup.exe

Publisher:

Secure Installer (signed and verified)

Product:

Minecraft Installer

Description:

Deploy Minecraft along with various offers

Version:

1.8

MD5:

3caf9be2ef238d42c3031b28c2b870eb

SHA-1:

02257ead85ed3e4f8b8e53c221816e1fec8e0656

SHA-256:

4125d4083f217c4932b57e27208d4bdf3874918d0f579e92f6b7bae7450d0a0b

Scanner detections:

3 / 68

Status:

Potentially unwanted

Analysis date:

12/26/2024 12:58:05 AM UTC (today)

Scan engine

Detection

Engine version

Dr.Web

Adware.Downware.849

9.0.1.045

Reason Heuristics

PUP.Installer.SecureInstaller

15.2.14.9

Trend Micro House Call

TROJ_GEN.F47V0101

7.2.45

File size:

1.6 MB (1,712,776 bytes)

Product version:

1.8

©DownloadInfo

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\minecraft_setup.exe

Digital Signature

Signed by:

Secure Installer

Authority:

COMODO CA Limited

Valid from:

9/25/2012 1:00:00 AM

Valid to:

9/26/2013 12:59:59 AM

Subject:

CN=Secure Installer, O=Secure Installer, STREET=720 Market Street, STREET=5th floor, L=San Francisco, S=CA, PostalCode=94102, C=US

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00C3507C1ADDE6B4C52E5426990F85CA2B

File PE Metadata

Compilation timestamp:

12/12/2012 12:37:16 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:VumdPjsnWwndxw4GmeW5Qd0oWgLFvpJhd75iTygsN/aN/+Dp7ObERSKlVnqRbVTr:32c0oWunJ7gTyPN/hzoRZTZ6e

Entry address:

0xCE1BC

Entry point:

55, 8B, EC, 83, C4, F0, B8, 74, BC, 4C, 00, E8, D8, 8B, F3, FF, 8B, 0D, 94, 6F, 4D, 00, 8B, 09, B2, 01, A1, 20, 62, 4B, 00, E8, 2C, E2, F8, FF, 8B, 15, 7C, 70, 4D, 00, 89, 02, A1, 94, 6F, 4D, 00, 8B, 00, E8, 14, 7A, F9, FF, A1, 94, 6F, 4D, 00, 8B, 00, B2, 01, E8, AE, 98, F9, FF, 8B, 0D, 98, 6D, 4D, 00, A1, 94, 6F, 4D, 00, 8B, 00, 8B, 15, D8, 23, 4C, 00, E8, 06, 7A, F9, FF, A1, 94, 6F, 4D, 00, 8B, 00, E8, 32, 7B, F9, FF, E8, CD, 66, F3, FF, 90, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

6.6605

Developed / compiled with:

Microsoft Visual C++

Code size:

817.5 KB (837,120 bytes)

The file minecraft_setup.exe has been seen being distributed by the following URL.

http://software.downloadinfo.co/software/di/.../minecraft_setup.exe

Remove minecraft_setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.