miniclip-game-bubble-trouble.exe

Miniclip Games Download Manager

Miniclip

The executable miniclip-game-bubble-trouble.exe has been detected as malware by 5 anti-virus scanners. The file has been seen being downloaded from www.miniclip.com.
Publisher:
Miniclip

Product:
Miniclip Games Download Manager

Version:
1.0.0

MD5:
31c2a59e5e15616b89bd74a4de96800c

SHA-1:
f813d4b4de52b6a75b8969c222f3bb65ae596b1e

SHA-256:
70571d2004ca5631f2090a99f645a74209acb3c2d55d1d42ffc737cd8b774127

Scanner detections:
5 / 68

Status:
Malware

Analysis date:
4/25/2024 9:23:48 PM UTC

Scan engine | Detection | Engine version
Bkav FE | W32.Clod8f8.Trojan | 1.3.0.4613
Dr.Web | Trojan.PWS.Banker1.5753 | 9.0.1.0179
McAfee | Artemis!31C2A59E5E15 | 5600.7086
Trend Micro House Call | HV_ZYX_BK084979.TOMC | 7.2.179
Vba32 AntiVirus | Trojan.FakeAV | 3.12.24.3

File size:
623.9 KB (638,858 bytes)

Product version:
1.0.0

Copyright:
© Miniclip

Original file name:
bdm.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\miniclip-game-bubble-trouble.exe

File PE Metadata
Compilation timestamp:
6/28/2011 10:02:54 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
12288:PwaA3t7VPRw+8cOSQN2jyGFyFjIScoSqN:wpbw+8cze/jj

Entry address:
0x146330

Entry point:
60, BE, 00, 70, 4F, 00, 8D, BE, 00, A0, F0, FF, 57, 89, E5, 8D, 9C, 24, 80, C1, FF, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, 46, 4C, 14, 00, 57, 83, C3, 04, 53, 68, 1F, F3, 04, 00, 56, 83, C3, 04, 53, 50, C7, 03, 03, 00, 02, 00, 90, 90, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9, 49, 89, 4C, 24, 6C, 0F, B6, 4A...

Entropy:
6.4116

Code size:
320 KB (327,680 bytes)

The file miniclip-game-bubble-trouble.exe has been seen being distributed by the following URL.

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):
