» computer_bild_download_manager_fuer_minecraft.exe
Overview
Analysis
File Details

computer_bild_download_manager_fuer_minecraft.exe

Softonic Downloader

Axel Springer AG

The application computer_bild_download_manager_fuer_minecraft.exe by Axel Springer AG has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The program is a setup application that uses the Softonic Downloader installer. The installer is marketed through download protals and search ads as Minecraft but will also install additional software offers which include adware, PUPs and browser toolbars.

File name:

Publisher:

Softonic (signed by Axel Springer AG)

Product:

Softonic Downloader

Version:

1, 38, 0, 0

MD5:

14733e406bebae7eb19869ea45d88a59

SHA-1:

c959e9ada2c5c606d83667567251c78e9d9f11d1

SHA-256:

e5b0e7a931c4867684846d2e15f7fae4e144fe1b39ebf00246efea0f133c70a3

Scanner detections:

1 / 68

Status:

Potentially unwanted

Description:

This 'download manager' is also considered bundleware, a utility designed to download software (possibly legitimate or opensource) and bundle it with a number of optional offers including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:

4/18/2024 12:40:45 AM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Softonic.Downloader (M)

17.1.31.5

File size:

384.2 KB (393,392 bytes)

Product version:

1, 38, 0, 0

Original file name:

SoftonicDownloader.exe

File type:

Executable application (Win32 EXE)

Bundler/Installer:

Softonic Downloader

Language:

Spanish

Common path:

C:\users\{user}\downloads\computer_bild_download_manager_fuer_minecraft.exe

Digital Signature

Signed by:

Axel Springer AG

Authority:

Thawte, Inc.

Valid from:

1/31/2012 1:00:00 AM

Valid to:

1/31/2014 12:59:59 AM

Subject:

CN=Axel Springer AG, O=Axel Springer AG, L=Hamburg, S=Hamburg, C=DE

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

3CBBD54D9B13912CA483FC03A5BB1670

File PE Metadata

Compilation timestamp:

6/11/2013 12:49:46 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

Entry address:

0x157040

Entry point:

60, BE, 00, 30, 50, 00, 8D, BE, 00, E0, EF, FF, 57, 89, E5, 8D, 9C, 24, 80, C1, FF, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, E8, 58, 15, 00, 57, 83, C3, 04, 53, 68, 2F, 40, 05, 00, 56, 83, C3, 04, 53, 50, C7, 03, 03, 00, 02, 00, 90, 90, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9, 49, 89, 4C, 24, 6C, 0F, B6, 4A... 
[+]

Code size:

340 KB (348,160 bytes)

Remove computer_bild_download_manager_fuer_minecraft.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.