home

www.minecraftdl.com

Ittikorn Saengchuenthanom

Domain Information

Minecraft DL is a Minecraft web site (not at all affiliated with the real Minecraft) that bundles unwanted malware/adware in its download manager. This malware is inserted by WebPick Internet Holdings and utilizes the company's InstalleRex platfom using the JustPlugIt toolbar extensions along with other potentially unwanted offers. In addition the download manager provides minimal user consent to opt-out of the offers. The domain www.minecraftdl.com registered by Ittikorn Saengchuenthanom was initially registered in April of 2011 through GODADDY.COM, LLC. This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Mountain View, California within the United States which resides on the Google Inc. network.
Registrar:
GODADDY.COM, LLC

Server location:
California, United States (US)

Create date:
Friday, April 15, 2011

Expires date:
Thursday, April 15, 2021

Updated date:
Wednesday, October 29, 2014

ASN:
AS15169 GOOGLE - Google Inc.

Root domain:
minecraftdl.com

Whois:
2 minecraftdl.com records

Scanner detections:
Detections  (98% detected)

Scan engine
Details
Detections

Reason Heuristics
Adware.WebPick.Installer (M), Threat.Win.Reputation.IMP, Adware.Stunning.Installer (M), Adware.FreshApp.Installer (M), PUP.OlehAlek (M), PUP (M), Adware (M), PUP.WebPick (M)
96.00%

avast!
Win32:MultiPlug-IB [PUP], Win32:Agent-AYLT [PUP]
6.00%

ESET NOD32
Win32/Adware.MultiPlug.DP application, Win32/AdWare.MultiPlug.CT application
4.00%

AVG
Adware Generic5.CNQK
2.00%

Microsoft Security Essentials
Threat.Undefined
2.00%

The domain www.minecraftdl.com has been seen to resolve to the following 8 IP addresses.

104.239.139.21
June 21, 2016

104.239.138.72
January 29, 2016

99.198.101.19
host2.minecraftdl.com
August 11, 2015

173.194.68.121
qa-in-f121.1e100.net
June 9, 2014

173.194.76.121
qc-in-f121.1e100.net
May 23, 2014

64.233.171.121
April 16, 2014

74.125.22.121
qh-in-f121.1e100.net
March 27, 2014

74.125.29.121
qg-in-f121.1e100.net
February 14, 2014

File downloads found at URLs served by www.minecraftdl.com.

1 / 68      (Adware)
http://www.minecraftdl.com/installer.php?url=http://.../W8GEb&pid=4185  (minecraftdl_4185.exe)

2 / 68      (PUP)
http://www.minecraftdl.com/installer.php?url=http://www.4shared.com/zip/.../152CrazyOres_V73.html&pid=15474  (minecraftdl_15474.exe)

1 / 68      (Adware)
http://www.minecraftdl.com/installer.php?url=http://adf.ly/.../aether2-launcherjar&pid=33771  (minecraftdl_33771.exe)

1 / 68      (Adware)
http://www.minecraftdl.com/installer.php?url=http://.../&pid=2621  (minecraftdl_2621.exe)

1 / 68      (Adware)
http://www.minecraftdl.com/installer.php?url=http://www.mediafire.com/download/.../Temple0.5.zip&pid=46706  (minecraftdl_46706.exe)

1 / 68      (Adware)
http://www.minecraftdl.com/installer.php?url=http://adf.ly/371347/http://coros.us/mods/.../dl.php?name=zombiecraft3 v3.0 Beta 3.3.2 for MC v1.6.4.zip&pid=6177  (minecraftdl_6177.exe)

1 / 68      (Adware)
http://www.minecraftdl.com/installer.php?url=http://.../WCVSL&pid=43247  (minecraftdl_43247.exe)

1 / 68      (Adware)
http://www.minecraftdl.com/installer.php?url=http://.../kzNkX&pid=30073  (minecraftdl.exe)

1 / 68      (Adware)
http://www.minecraftdl.com/installer.php?url=http://.../7178034177192&pid=10437  (minecraftdl_10437.exe)

1 / 68      (Adware)
http://www.minecraftdl.com/installer.php?url=http://.../SUMRA&pid=44676  (minecraftdl_44676.exe)

1 / 68      (Adware)
http://www.minecraftdl.com/installer.php?url=http://.../?6ur521cc6mopqpo&pid=42249  (minecraftdl_42249.exe)

1 / 68      (Adware)
http://www.minecraftdl.com/installer.php?url=http://.../1tdEA&pid=2257  (minecraftdl_2257.exe)

1 / 68      (Adware)
http://www.minecraftdl.com/installer.php?url=http://.../TBi2m&pid=44241  (minecraftdl_44241.exe)

5 / 68      (PUP)
http://www.minecraftdl.com/installer.php?url=http://www.mediafire.com/download/.../builder_0.7.5_1.6.4.zip&pid=34619  (minecraftdl_34619.exe)

1 / 68      (Adware)
http://www.minecraftdl.com/installer.php?url=http://.../WHql4&pid=14851  (minecraftdl_14851.exe)

1 / 68      (Adware)
http://www.minecraftdl.com/installer.php?url=http://.../V13HJ&pid=758  (minecraftdl_758.exe)

1 / 68      (Adware)
http://www.minecraftdl.com/installer.php?url=http://.../?gj8i80zqr23br87&pid=2029  (minecraftdl_2029.exe)

1 / 68      (Adware)
http://www.minecraftdl.com/installer.php?url=http://adf.ly/.../animated-player-v130-mc164&pid=30793  (minecraftdl_30793.exe)

1 / 68      (Adware)
http://www.minecraftdl.com/installer.php?url=http://q.gs/.../musiccraft28&pid=29997  (minecraftdl_29997.exe)

1 / 68      (Adware)
http://www.minecraftdl.com/installer.php?url=http://api.viglink.com/.../click?format=go&pid=46038  (minecraftdl_46038.exe)

1 / 68      (Adware)
http://www.minecraftdl.com/installer.php?url=http://static.planetminecraft.com/files/resource_media/mod/.../linktoforumpageonly.zip&pid=5677  (minecraftdl_5677.exe)

1 / 68      (Adware)
http://www.minecraftdl.com/installer.php?url=http://.../igo42&pid=37779  (minecraftdl_37779.exe)

1 / 68      (Adware)
http://www.minecraftdl.com/installer.php?url=http://.../17705735549211&pid=10794  (minecraftdl_10794.exe)

1 / 68      (inconclusive)
http://www.minecraftdl.com/installer.php?url=http://.../75kRW&pid=42202  (minecraftdl_42202.exe)

1 / 68      (Adware)
http://www.minecraftdl.com/installer.php?url=http://.../YBOZR&pid=17515  (minecraftdl_17515.exe)

1 / 68      (Adware)
http://www.minecraftdl.com/installer.php?url=http://www.mediafire.com/download/.../sophwolves2.2.0.zip&pid=19328  (minecraftdl_19328.exe)

1 / 68      (Adware)
http://www.minecraftdl.com/installer.php?url=http://adf.ly/404181/.../adloadx.php?f=OptiFine_1.6.4_HD_C7.jar&pid=25423  (minecraftdl_25423.exe)

1 / 68      (Adware)
http://www.minecraftdl.com/installer.php?url=http://.../PYCak&pid=8231  (minecraftdl_8231.exe)

1 / 68      (Adware)
http://www.minecraftdl.com/installer.php?url=https://dl.dropboxusercontent.com/u/.../Pam\'s Weee Flowers 1.6.4 v1.04.zip&pid=21288  (minecraftdl_21288.exe)

1 / 68      (Adware)
http://.../installer.php?url=http://.../risugamis-modloader-1-3&pid=2914  (minecraftdl_2914.exe)

 
Latest 30 of 199 download URLs

The following 20 files have been seen to comunicate with www.minecraftdl.com in live environments.

TCP » 74.125.22.121:80
feeddemon.exe (by NewsGator Technologies)

TCP » 173.194.68.121:80
javaw.exe (Java Platform SE 7 U25 by Oracle)

TCP » 173.194.68.121:80
new_chrome.exe (Google Chrome by Google)

TCP » 64.233.171.121:80
1p1m8l01stw==53.exe

TCP » 64.233.171.121:80
1qvrflepsta==5.exe

TCP » 64.233.171.121:80
ufurate.exe

TCP » 64.233.171.121:80
tiwash.exe

TCP » 64.233.171.121:80
nuhlatin.exe

TCP » 74.125.22.121:80
new_chrome.exe (Google Chrome by Google)

TCP » 74.125.22.121:80
new_chrome.exe (Google Chrome by Google)

TCP » 74.125.22.121:80
1qfrak1juua==3.exe

TCP » 74.125.22.121:80
1pljatvnq5.exe

TCP » 74.125.22.121:80
Explore.exe (Chromium by The Chromium Authors)

TCP » 74.125.22.121:80
osizavoo.exe

TCP » 74.125.29.121:80
snackr.exe

TCP » 74.125.29.121:80
client.exe

TCP » 74.125.29.121:80
10100012.exe

TCP » 74.125.29.121:80
qupiaku.exe

TCP » 74.125.29.121:80
kukcavh.exe

TCP » 74.125.29.121:80
eenaosu.exe

 
Latest 20 of 20 files

URL:
http://www.minecraftdl.com/

Google Analytics:
UA-3773095

Title:
“Minecraft Mods Texture Packs Download Skins Maps”

Description:
“Minecraft is the fastest growing Java game in the Internet history. We offers you minecraft skins, maps, mods, texture packs and much more.”

Web server:
nginx

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.