home

minecraft_game_downloader.exe

The application minecraft_game_downloader.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. It uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions. The file has been seen being downloaded from totalnethits.biz.
MD5:
b18287b91d13ec42c0e5958130ec2e8c

SHA-1:
0d66cc06b6a5fc50c84f4465bc253b595e031f3d

SHA-256:
3e41ba1d555c4e5f7e54a05cfe70862928b6cc2e1fd5de086eee02b3bbf6c2d9

Scanner detections:
1 / 68

Status:
Potentially unwanted

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Analysis date:
4/27/2024 1:05:43 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.InstallCore (L)
16.8.3.18

File size:
18 Bytes

File type:
Executable application (Win16 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\minecraft_game_downloader.exe

File PE Metadata
Compilation timestamp:
3/3/2022 2:51:05 AM

OS bitness:
Win16

CTPH (ssdeep):
3:b7PXL:3P7

Entry point:
59, 6F, 75, 72, 20, 49, 50, 20, 69, 73, 20, 62, 6C, 6F, 63, 6B, 65, 64...
 
[+]

Entropy:
3.7947

Packer / compiler:
RLPack FullEdition V1.1X

The file minecraft_game_downloader.exe has been seen being distributed by the following URL.

http://totalnethits.biz/download_gate.php?cid=1233&file=Minecraft_Game_Downloader.exe&subid1=actr&subid2=4lp&subid3=mncf&subid4=lp9d2z&subid5=_17422_

Remove minecraft_game_downloader.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.