home

minecraft-setup.exe

Parsec Media S.L.

The executable minecraft-setup.exe by Parsec Media S.L has been known to be a potentially unwanted program. The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. It is also typically executed from an Internet Explorer cache folder. The file has been seen being downloaded from files4.mirror1.info.
Publisher:
Parsec Media S.L.  (signed and verified)

MD5:
0b154b9132eef434a8955d5df93c8987

SHA-1:
8a211c6b73adebeebdecd93bfd6b66602892c7c1

SHA-256:
7f29caba0a1afcf75ed154006f78c78f6860a01e8cdad636912af28fcd0ad236

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 11:15:44 PM UTC  (a few moments ago)

File size:
654.4 KB (670,152 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\minecraft-setup.exe

Digital Signature
Signed by:
Parsec Media S.L.

Authority:
VeriSign, Inc.

Valid from:
8/5/2014 7:00:00 PM

Valid to:
8/5/2017 6:59:59 PM

Subject:
CN=Parsec Media S.L., O=Parsec Media S.L., L=Sant Cugat del Valles, S=Barcelona, C=ES

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
2BA8AA53C9FA3AC9D8B45CAA6880062C

File PE Metadata
Compilation timestamp:
1/29/2015 1:35:11 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:X4BS2ly9NKPRdegPsgQr/745jezvROTVo80d1WU1ntTxJ10gJ1TvzY:XhhKeiHQr/s1uRCBQWMxDpY

Entry address:
0x234A

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 78, 73, 40, 00, 33, F6, C6, 44, 24, 14, 20, E8, F8, FD, FF, FF, FF, 15, 30, 77, 40, 00, 68, 01, 80, 00, 00, FF, 15, C0, 70, 40, 00, 53, FF, 15, 2C, 77, 40, 00, 6A, 08, A3, 98, 3D, 42, 00, E8, DD, F9, FF, FF, 53, 68, 60, 01, 00, 00, A3, A0, 3C, 42, 00, 8D, 44, 24, 38, 50, 53, 68, 0B, 74, 40, 00, FF, 15, 50, 71, 40, 00, 68, 00, 74, 40, 00, 68, A0, 34, 42, 00, E8, 5A, F3, FF, FF, FF, 15, BC, 70, 40, 00, 50, BF, 00, 90, 42, 00, 57...
 
[+]

Packer / compiler:
Nullsoft install system v2.x

Code size:
23 KB (23,552 bytes)

The file minecraft-setup.exe has been seen being distributed by the following URL.

http://files4.mirror1.info/download/.../dl?bc=1120062&pid=rockybytes&brand=es.rockybytes.com&country=AR&variation=chwebsite&cb=2146503084&filename=minecraft-setup.exe&osName=Windows&osVersion=8&browserName=IE&browserVersion=10&zTmp=1

Scan minecraft-setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.