home

Minecraftpremium.exe

The executable Minecraftpremium.exe has been detected as malware by 6 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from dc736.4shared.com.
Version:
0.0.0.0

MD5:
a6f91b3d26a7fc3c7319ed8998a43a5d

SHA-1:
3d5c8589d3520f7ec81cde1fee21dd44ff28449b

SHA-256:
daa01f76652c2df7f25920f73fe9a8a056b4e28a7d212a0e7e5a953da0c4ccb2

Scanner detections:
6 / 68

Status:
Malware

Analysis date:
11/27/2024 12:43:44 PM UTC  (today)

Scan engine
Detection
Engine version

avast!
MSIL:Crypt-BK [Drp]
160518-2

Emsisoft Anti-Malware
Gen:Variant.MSILKrypt.11
11.5.0.6191

ESET NOD32
MSIL/TrojanDropper.Agent.JK trojan
8.0.319.0

McAfee
Trojan.GenericRXAA-RM!A6F91B3D26A7
18.0.204.0

Microsoft Security Essentials
Threat.Undefined
1.223.2949.0

Norman
Gen:Variant.MSILKrypt.11
22.05.2016 07:18:28

File size:
496 KB (507,904 bytes)

Product version:
0.0.0.0

Original file name:
Minecraftpremium.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\minecraftpremium.exe

File PE Metadata
Compilation timestamp:
2/18/2016 11:05:54 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:eSj3wARdlqC16PejFkLRuanLGfNCkrTZ:Nj3wArUC4PejFkLRuanLGfkkr

Entry address:
0x7A02E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
484 KB (495,616 bytes)

The file Minecraftpremium.exe has been seen being distributed by the following URL.

http://dc736.4shared.com/download/.../Minecraftpremium.exe

Remove Minecraftpremium.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.