home

minecraft_server.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from assets.minecraft.net and multiple other hosts.
MD5:
e72bb648a256961eee97505a6ee78f77

SHA-1:
5492d8d1dfaff8b9dce1536a1e578e60b57b4d31

SHA-256:
ac425ca86587dbba7fa53753dd675117c32375c85affbeb1f7d4cbcafbd412f0

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/26/2024 5:29:04 PM UTC  (today)

Scan engine
Detection
Engine version

Emsisoft Anti-Malware
Dropped:Adware.DomaIQ.O
8.13.12.26.05

Rising Antivirus
PE:Trojan.Kazy!6.86F
23.00.65.14108

File size:
2.4 MB (2,541,261 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\minecraft_server.exe

File PE Metadata
Compilation timestamp:
3/19/2013 4:19:31 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.56

CTPH (ssdeep):
49152:Ir8VzdbqFNEro1QscMWdkaEkPGv2WoRoEQdJGCuDgXPpXJ40arbbgpXaAFDVQyi:IEkRQscMMvGy4JGCn1nEHyXaAdC

Entry address:
0x1290

Entry point:
55, 89, E5, 83, EC, 08, C7, 04, 24, 02, 00, 00, 00, FF, 15, 9C, 12, 41, 00, E8, A8, FE, FF, FF, 90, 8D, B4, 26, 00, 00, 00, 00, 55, 8B, 0D, DC, 12, 41, 00, 89, E5, 5D, FF, E1, 8D, 74, 26, 00, 55, 8B, 0D, C4, 12, 41, 00, 89, E5, 5D, FF, E1, 90, 90, 90, 90, 55, BA, 80, 00, 00, 00, 89, E5, 57, 31, C0, 8D, BD, E8, FE, FF, FF, 56, 53, 81, EC, 1C, 01, 00, 00, 89, 54, 24, 08, 89, 44, 24, 04, 89, 3C, 24, E8, 37, 40, 00, 00, 89, 7C, 24, 04, C7, 04, 24, 18, 00, 00, 00, E8, 07, 0B, 00, 00, 85, C0, 0F, 84, 7C, 00, 00...
 
[+]

Entropy:
7.8869  (probably packed)

Code size:
18.5 KB (18,944 bytes)

The file minecraft_server.exe has been discovered within the following program.

BitTorrent  by BitTorrent Inc.
BitTorrent is a desktop application that allows you to work with torrent files.BitTorrent allows you to download files available as torrents, search torrent sites for music, videos, books, software and other free or public domain material.
www.bittorrent.com
7% remove it
 
Powered by Should I Remove It?

The file minecraft_server.exe has been seen being distributed by the following 3 URLs.

https://assets.minecraft.net/.../Minecraft_Server.exe

http://assets.minecraft.net/.../Minecraft_Server.exe

https://s3.amazonaws.com/MinecraftDownload/.../Minecraft_Server.exe

Scan minecraft_server.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.