» minecraftdl_45754.exe
Overview
Analysis
File Details
Downloads (3)

minecraftdl_45754.exe

Services Dry

Players As

The application minecraftdl_45754.exe, “Along Cytoplastic” has been detected as a potentially unwanted program by 30 anti-malware scanners. This is a setup program which is used to install the application. It is built using the Crossrider cross-browser extension platform. While the file utilizes the Crossrider framework and delivery services, it is not owned by Crossrider. The file has been seen being downloaded from www.zilliontoolkitusa.info and multiple other hosts.

File name:

Publisher:

Players As

Product:

Services Dry

Description:

Along Cytoplastic

Version:

9.6.8.5

MD5:

d5ca59f648205e0c2ae546c564394092

SHA-1:

6381d12db33c2bc74ffbf68916c70869ce35fabf

SHA-256:

01beec19abc23e2768db468e5d74d76f19a3e416101c1f2f79d54416ceb915ee

Scanner detections:

30 / 68

Status:

Potentially unwanted

Explanation:

The software may change the browser's home page and search provider settings as well as display advertisements.

Analysis date:

5/7/2024 9:25:08 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.Downloader.JRBX

850

AhnLab V3 Security

PUP/Win32.MultiPlug

2014.09.25

Avira AntiVirus

TR/Crypt.XPACK.Gen

7.11.30.172

avast!

Win32:MultiPlug-EN [PUP]

141003-0

AVG

Adware Generic5.BLIG

2014.0.4037

Baidu Antivirus

Adware.Win32.MultiPlug

4.0.3.14108

Bitdefender

Trojan.Downloader.JRBX

1.0.20.1405

Comodo Security

UnclassifiedMalware

19615

Dr.Web

Trojan.Crossrider.32843

9.0.1.05190

Emsisoft Anti-Malware

Trojan.Downloader.JRBX

8.14.10.08.09

ESET NOD32

Win32/AdWare.MultiPlug.CN (variant)

8.10462

Fortinet FortiGate

Adware/MultiPlug

10/8/2014

F-Secure

Trojan.Downloader.JRBX

11.2014-08-10_4

G Data

Trojan.Downloader.JRBX

14.10.24

K7 AntiVirus

Unwanted-Program

13.183.13476

Kaspersky

not-a-virus:AdWare.Win32.MultiPlug

15.0.0.494

Malwarebytes

PUP.Optional.MultiPlug

v2014.10.08.09

McAfee

MultiPlug

5600.6984

MicroWorld eScan

Trojan.Downloader.JRBX

15.0.0.843

NANO AntiVirus

Riskware.Win32.MultiPlug.dfjscb

0.28.2.62286

nProtect

Trojan-Clicker/W32.MultiPlug.872448

14.09.24.01

Qihoo 360 Security

Win32/Trojan.Downloader.80c

1.0.0.1015

Quick Heal

AdWare.MultiPlug.r5 (Not a Virus)

10.14.14.00

Reason Heuristics

Threat.Win.Reputation.IMP

14.10.8.9

Sophos

Generic PUA AG

4.98

Total Defense

Win32/Tnega.KTKASTB

37.0.11215

Trend Micro House Call

TROJ_GEN.R0C1B01IG14

7.2.281

Vba32 AntiVirus

SScope.Adware.MultiPlug

3.12.26.3

VIPRE Antivirus

Trojan.Win32.Generic

33414

Zillya! Antivirus

Adware.MultiPlug.Win32.8223

2.0.0.1933

File size:

852 KB (872,448 bytes)

Product version:

8.6.0.8

Original file name:

minecraftdl_45754.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\minecraftdl_45754.exe

File PE Metadata

Compilation timestamp:

12/10/2013 2:31:37 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

24576:6JVL03AEy2p2bU9hgKBCVSMVgGZgPt3HHi3Pcl:6Jl03AQ2bUkKuSMVvaP9xl

Entry address:

0x18440

Entry point:

E8, 84, 48, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, 00, C4, 43, 00, E8, 6A, 0D, 00, 00, E8, 51, 4A, 00, 00, 0F, B7, F0, 6A, 02, E8, 17, 48, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, D5, 06, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8... 
[+]

Code size:

129.5 KB (132,608 bytes)

The file minecraftdl_45754.exe has been seen being distributed by the following 3 URLs.

http://www.zilliontoolkitusa.info/download/v1539?installer_file_name=minecraftdl_45754&filesize=XX&product_name=The LOST Island Map for Minecraft 1.8 1.7.10 and 1.7.2&product_title=The LOST Island Map for Minecraft 1.8 1.7.10 and 1.7.2&reffer=http://adf.ly/1oLrc&product_file_name=error.txt&for_html_installer=1&product_download_url=<ServerUrl>/.../error.txt&layout_id=8&st=0&uuid=X1DcfcZFSjIFcgunRQ551Qn88B0Par2U4jXJqS38Gj6kGuk3BrErS5M4m6Rl0cWL8JFUCmzu0SiaOnTOIstUtXnDJP5IGaP1F1FkeGAB8oSMELod0ZomNziynD2vdMCrh1pJxMroscYYZSwRVxuUGNQg28fKjKwcyyM82eaZ1WsPmKLrswx0VbZC9eMmkVR800UBgFIjhYH2neDO3ktLdbsnQIZOvlKUDUANRaLK2FolpSbLvYDxnVGuH6QIpuwGOw8Ke48R6yZGpzkwNu5XcRj8mJo424twhKGZY7KBPRcdqCbOxej36U87sCDEPfiZ81L1iLHbuKD87tD5nCyVMVWgTcd0vvEaKFYiVkB6LGMF35MIeMenNe4nGWdq3xekfDogxLY9KxQymlLQC6zpU72z0j9eiIiWnyM9XRwLljPdtTTazxX34e1I8OfXj4NFUWH7Engdeq5AcrAe7jehwlQrNU1Apfiy2xiupHL8difWv2glWW1VmK32hOgxMtH0fjPGL7QxoYZZYDGIm1zbPYt5fOXZDcT8bvGRW3pdGxjWc068WQqVAQNPjv7MhGqWR2AptlDWhCgZGbYggB01rSNQ

http://www.zilliontoolkitusa.info/v1539?product_name=The LOST Island Map for Minecraft 1.8 1.7.10 and 1.7.2&filesize=XX&product_title=The LOST Island Map for Minecraft 1.8 1.7.10 and 1.7.2&installer_file_name=minecraftdl_45754&reffer=http://.../1oLrc

http://www.minecraftdl.com/installer.php?url=http://.../1oLrc&pid=45754

Remove minecraftdl_45754.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.