home

minecraftfreedownloadsuscom-setup.exe

Fast Downloader Media

The application minecraftfreedownloadsuscom-setup.exe by Fast Downloader Media has been detected as a potentially unwanted program by 18 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent. The file has been seen being downloaded from files4.downloadnet276.com and multiple other hosts.
Publisher:
Clever Small Installer  (signed by Fast Downloader Media)

Product:
Clever Small Installer

Version:
93.5.1.606

MD5:
74c6a7334d4005d6672d41dc34707031

SHA-1:
584cb0b9e4fe109fd9bc55cf102b4dd5fcb9b2ef

SHA-256:
3f3bc1747de6b9e5c569442e917218aeab91e1775524cd4137868a772f25a8f1

Scanner detections:
18 / 68

Status:
Potentially unwanted

Analysis date:
11/23/2024 11:26:10 PM UTC  (a few moments ago)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Application.Bundler.DownloadAdmin.4
5707941

Arcabit
Trojan.Application.Bundler.DownloadAdmin.4
1.0.0.629

avast!
Win32:Malware-gen
151210-0

AVG
Generic
2016.0.2902

Bitdefender
Gen:Variant.Application.Bundler.DownloadAdmin.4
1.0.20.1705

Comodo Security
Application.Win32.DownloadAdmin.P
23680

Emsisoft Anti-Malware
Gen:Variant.Application.Bundler.DownloadAdmin
10.0.0.5366

ESET NOD32
Win32/DownloadAdmin.P potentially unwanted application
7.0.302.0

F-Secure
Riskware.Gen:Variant.Application.Bundler
5.15.21

G Data
Gen:Variant.Application.Bundler.DownloadAdmin
15.12.25

IKARUS anti.virus
PUA.DownloadAdmin
t3scan.1.9.5.0

K7 AntiVirus
Adware
13.212.18027

McAfee
Trojan.Artemis!74C6A7334D40
18.0.204.0

MicroWorld eScan
Gen:Variant.Application.Bundler.DownloadAdmin.4
16.0.0.1023

Norman
Gen:Variant.Application.Bundler.DownloadAdmin.4
10.12.2015 10:48:50

Reason Heuristics
PUP.DownloadAdmin.FastDownloaderMedia.Installer (M)
15.12.7.15

Rising Antivirus
PE:Adware.DownloadAdmin!1.A243 [F]
23.00.65.151205

VIPRE Antivirus
Threat.4150696
45548

File size:
883.9 KB (905,104 bytes)

Product version:
93.5.1.606

Copyright:
Copyright (C) 2015

Original file name:
setup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\low\content.ie5\{random}\minecraftfreedownloadsuscom-setup.exe

Digital Signature
Signed by:
Fast Downloader Media

Authority:
GoDaddy.com, Inc.

Valid from:
11/6/2015 5:05:38 PM

Valid to:
11/6/2016 5:05:38 PM

Subject:
CN=Fast Downloader Media, O=Fast Downloader Media, L=Oakland, S=California, C=US

Issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
4B4708E52D08AC36

File PE Metadata
Compilation timestamp:
11/7/2014 3:01:11 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:F3httXZLnq24LwexEAz+wpWEta3k4f6CL8:ZRX9nqNLweYwja3k4SC

Entry address:
0x40B2

Entry point:
E8, 69, 94, 00, 00, E9, 6B, 8D, 00, 00, CC, CC, CC, CC, 55, 8B, EC, 83, E4, C0, 83, EC, 34, 53, 56, 57, E8, 2F, 23, 00, 00, 8B, F0, A3, 30, C1, 44, 00, 85, F6, 75, 15, 68, 10, BF, 44, 00, E8, 5A, 08, 00, 00, 83, C4, 04, 6A, 37, FF, 15, 70, F0, 40, 00, 68, 00, 01, 00, 00, 6A, 00, 56, E8, 62, 24, 00, 00, 56, E8, 7C, 22, 00, 00, 8B, 5D, 08, 6A, 00, 53, 56, E8, 60, 24, 00, 00, 33, FF, 83, C4, 1C, 89, 7C, 24, 3C, 85, DB, 7E, 34, 8D, 49, 00, DB, 44, 24, 3C, 83, EC, 08, DD, 1C, 24, 56, E8, B0, 21, 00, 00, 8B, 45...
 
[+]

Entropy:
7.9646  (probably packed)

Code size:
53.5 KB (54,784 bytes)

The file minecraftfreedownloadsuscom-setup.exe has been seen being distributed by the following 3 URLs.

http://files4.downloadnet276.com/dl-pure/.../?bc=1195659&checksum=698959&cb=282472658&executable=1197345

http://files4.downloadnet276.com/dl-pure/1195659/.../?bc=1195659&checksum=698959&cb=-126049302&executable=1197345

http://files4.downloadnet276.com/dl-pure/.../?bc=1195659&checksum=698959&cb=-1188536702&executable=1197345

Remove minecraftfreedownloadsuscom-setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.