home

minecraftfreedownloadsuscom-setup.exe

Subtrending Media Solutions

The application minecraftfreedownloadsuscom-setup.exe by Subtrending Media Solutions has been detected as a potentially unwanted program by 20 anti-malware scanners. This is a setup and installation application and has been known to bundle potentially unwanted software. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent.
Publisher:
Subtrending Media Solutions  (signed and verified)

Product:
Subtrending Media Solutions

Version:
53.5.1.3421

MD5:
2ebb4676c4bd59e3ce47c8890033ac99

SHA-1:
e8f83c960e67562dc9b253bc86fb143638f34214

SHA-256:
20b0346ba0728929a43e27836ba6ddadfe5c9b690e7d9c3e0ae8a69e62736312

Scanner detections:
20 / 68

Status:
Potentially unwanted

Explanation:
Bundles additional software, mostly toolbars and other potentially unwanted applications using the Vittalia monitization installer.

Analysis date:
11/16/2024 4:00:20 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Application.Bundler.DownloadAdmin.4
5711060

Arcabit
Trojan.Application.Bundler.DownloadAdmin.4
1.0.0.629

avast!
Win32:Malware-gen
151212-2

AVG
Generic
2016.0.2897

Bitdefender
Gen:Variant.Application.Bundler.DownloadAdmin.4
1.0.20.1735

Comodo Security
Application.Win32.DownloadAdmin.RP
23755

Dr.Web
Trojan.Vittalia.1166
9.0.1.05190

Emsisoft Anti-Malware
Gen:Variant.Application.Bundler.DownloadAdmin
15.12.13

ESET NOD32
Win32/DownloadAdmin.P potentially unwanted application
7.0.302.0

F-Secure
Riskware.Gen:Variant.Application.Bundler
5.15.21

G Data
Gen:Variant.Application.Bundler.DownloadAdmin
15.12.25

IKARUS anti.virus
PUA.Win32.Dowadmin
t3scan.1.9.5.0

K7 AntiVirus
Adware
13.212.18089

MicroWorld eScan
Gen:Variant.Application.Bundler.DownloadAdmin.4
16.0.0.1041

Norman
Gen:Variant.Application.Bundler.DownloadAdmin.4
12.12.2015 20:21:58

Qihoo 360 Security
HEUR/QVM10.1.Malware.Gen
1.0.0.1077

Reason Heuristics
PUP.SubtrendingMediaSolutions.Installer (M)
15.12.13.7

Rising Antivirus
PE:Adware.DownloadAdmin!1.A243 [F]
23.00.65.151211

VIPRE Antivirus
Threat.4150696
45800

Zillya! Antivirus
Adware.Adwapper.Win32.7780
2.0.0.2560

File size:
871.4 KB (892,304 bytes)

Product version:
53.5.1.3421

Copyright:
Copyright (C) 2015

Original file name:
setup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\minecraftfreedownloadsuscom-setup.exe

Digital Signature
Signed by:
Subtrending Media Solutions

Authority:
GoDaddy.com, Inc.

Valid from:
11/6/2015 6:10:38 PM

Valid to:
11/6/2016 6:10:38 PM

Subject:
CN=Subtrending Media Solutions, O=Subtrending Media Solutions, L=Oakland, S=California, C=US

Issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
00FF4E4C331991627F

File PE Metadata
Compilation timestamp:
11/19/2014 4:54:52 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
12288:q9ZJNBRO5AKoLe6ylutqs23r8miviHElaRXVMxOv82C8MFg4xkaVlmDPzB+bUHWF:oZsA9LDjqBprklau+C8c9mDLQbOcn

Entry address:
0x4374

Entry point:
E8, 97, 95, 00, 00, E9, 95, 8E, 00, 00, CC, CC, 83, EC, 68, 56, 57, 68, D0, F4, 40, 00, FF, 15, E8, F0, 40, 00, 50, E8, 9A, 30, 00, 00, 6A, 00, 6A, 00, 6A, 00, 68, 00, 04, 00, 00, 68, 01, 68, 00, 00, B9, 19, 00, 00, 00, BE, 68, F4, 40, 00, 8D, 7C, 24, 20, F3, A5, 68, 80, 00, 00, 00, 68, 04, 80, 00, 00, 6A, 01, 68, 38, F4, 40, 00, 8D, 44, 24, 30, 6A, 64, 50, A4, E8, 3C, 73, 00, 00, 83, C4, 30, 5F, 5E, 84, C0, 75, 0E, FF, 15, 9C, F0, 40, 00, 6A, 40, FF, 15, B0, F0, 40, 00, 83, C4, 68, C3, 8B, FF, 55, 8B, EC...
 
[+]

Entropy:
7.9698  (probably packed)

Code size:
52.5 KB (53,760 bytes)

Remove minecraftfreedownloadsuscom-setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.