Minecraft.exe

The executable Minecraft.exe has been detected as malware by 2 anti-virus scanners. Additionally, the file is typically installed by a number of programs including Supreme Commander by Gas Powered Games and Pokémon Trading Card Game Online by The Pokémon Company International. The file has been seen being downloaded from download2124.mediafire.com and multiple other hosts. While running, it connects to the Internet address server-54-230-4-73.dfw3.r.cloudfront.net on port 80 using the HTTP protocol.
MD5: 3c166bae84553d4cb27af8abdc61712d
SHA-1: 8261eef1bea8313d86e5ac45e01393426f7f42c9
SHA-256: fc0cf7896c32791501d5864b7b639d0ce36fd3430088c00b0a15a9960b3ce434
Scanner detections: 2 / 68
Status: Malware
Analysis date: 11/20/2017 11:34:02 PM UTC

Scan engine          Detection      Engine version
Avira AntiVirus      W32/Mabezat    7.11.30.172
Reason Heuristics    (M)            16.6.6.21

File size: 660.1 KB (675,988 bytes)
File type: Executable application (Win32 EXE)
Common path: C:\users\{user}\downloads\minecraft.exe

File PE Metadata
Compilation timestamp: 7/12/2013 7:31:36 AM
OS version: 4.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 2.22
CTPH (ssdeep): 12288:R3M40bXrbQjnVCEwtMvZaLZwpYKkbH24vp:R3M40b7kkDtMvZaypY1/B
Entry address: 0x1290

Entry point:
55, 89, E5, 83, EC, 08, C7, 04, 24, 02, 00, 00, 00, FF, 15, 9C, 12, 41, 00, E8, A8, FE, FF, FF, 90, 8D, B4, 26, 00, 00, 00, 00, 55, 8B, 0D, DC, 12, 41, 00, 89, E5, 5D, FF, E1, 8D, 74, 26, 00, 55, 8B, 0D, C4, 12, 41, 00, 89, E5, 5D, FF, E1, 90, 90, 90, 90, 55, BA, 80, 00, 00, 00, 89, E5, 57, 31, C0, 8D, BD, E8, FE, FF, FF, 56, 53, 81, EC, 1C, 01, 00, 00, 89, 54, 24, 08, 89, 44, 24, 04, 89, 3C, 24, E8, EF, 3F, 00, 00, 89, 7C, 24, 04, C7, 04, 24, 18, 00, 00, 00, E8, 07, 0B, 00, 00, 85, C0, 0F, 84, 7C, 00, 00...
 

Entropy: 6.7603
Code size: 17.5 KB (17,920 bytes)

The file Minecraft.exe has been discovered within the following programs.

Pokémon Trading Card Game Online by The Pokémon Company International
www.pokemontcg.com/support
About 8% of users remove it

Supreme Commander by Gas Powered Games
Supreme Commander is a real-time strategy computer game focused on using a giant bipedal mech called an Armored Command Unit.
www.gaspowered.com
About 3% of users remove it
 

The file Minecraft.exe has been seen being distributed by the following 50 URLs.

Latest 30 of 9,500 download URLs

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP): Connects to server-54-230-58-111.gru1.r.cloudfront.net (54.230.58.111:80)
TCP (HTTP SSL): Connects to server-54-230-59-134.gru1.r.cloudfront.net (54.230.59.134:443)
TCP (HTTP): Connects to server-54-230-4-73.dfw3.r.cloudfront.net (54.230.4.73:80)
TCP (HTTP SSL): Connects to server-54-192-160-90.jax1.r.cloudfront.net (54.192.160.90:443)
