File name:

MinecraftInstaller.msi

Full analysis: https://app.any.run/tasks/3787c0c9-6c2f-42ee-98c2-2fcbb3bb1a50
Verdict: Malicious activity
Analysis date: March 21, 2021, 21:22:11
OS: Windows 7 Professional Service Pack 1 (build: 7601, 32 bit)
Tags:
generated-doc
Indicators:
MIME: application/x-msi
File info: Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.3, MSI Installer, Code page: 1252, Title: Installation Database, Subject: Minecraft Launcher, Author: Mojang, Keywords: Installer, Comments: This installer database contains the logic and data required to install Minecraft Launcher., Template: Intel;1033, Revision Number: {BCF7F5DA-2F2D-4830-B22B-278AC804C413}, Create Time/Date: Mon Mar 1 13:15:38 2021, Last Saved Time/Date: Mon Mar 1 13:15:38 2021, Number of Pages: 200, Number of Words: 2, Name of Creating Application: Windows Installer XML Toolset (3.9.1006.0), Security: 2
MD5:

D1722715C35C600D83DBC8DE4FDD5E0E

SHA1:

CAE7FB861332533B67E1C41828FBAE76F627B15E

SHA256:

E08E0F74FD4C7DC3D3067717CB7EE96B42B5D11395F2A244B102FBD47E00175B

SSDEEP:

24576:jb5Mm6ePxvCkuQLgZvIOdEyp0/diXeXfs6Gq6+Bp8cfap6pTkzJAnE0WTM9AudAe:jbWBSjUvIOq/QXGMqDspVn0WKb

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.

  • MALICIOUS

    • Application was dropped or rewritten from another process

      • MinecraftLauncher.exe (PID: 2616)
      • MinecraftLauncher.exe (PID: 892)
      • MinecraftLauncher.exe (PID: 304)
      • MinecraftLauncher.exe (PID: 2216)
      • MinecraftLauncher.exe (PID: 4060)
      • MinecraftLauncher.exe (PID: 2388)

    • Loads dropped or rewritten executable

      • MinecraftLauncher.exe (PID: 2616)
      • MinecraftLauncher.exe (PID: 304)
      • MinecraftLauncher.exe (PID: 892)
      • MinecraftLauncher.exe (PID: 2216)
      • MinecraftLauncher.exe (PID: 4060)
      • MinecraftLauncher.exe (PID: 2388)

  • SUSPICIOUS

    • Drops a file that was compiled in debug mode

      • msiexec.exe (PID: 1340)
      • MinecraftLauncher.exe (PID: 2616)

    • Executable content was dropped or overwritten

      • msiexec.exe (PID: 1340)
      • MinecraftLauncher.exe (PID: 2616)

    • Creates files in the user directory

      • MinecraftLauncher.exe (PID: 2616)
      • MinecraftLauncher.exe (PID: 304)

    • Application launched itself

      • MinecraftLauncher.exe (PID: 2616)

    • Creates files in the program directory

      • MinecraftLauncher.exe (PID: 2616)

    • Drops a file with too old compile date

      • MinecraftLauncher.exe (PID: 2616)

    • Creates a directory in Program Files

      • MinecraftLauncher.exe (PID: 2616)

    • Drops a file with a compile date too recent

      • MinecraftLauncher.exe (PID: 2616)

  • INFO

    • Loads dropped or rewritten executable

      • MsiExec.exe (PID: 3148)
      • MsiExec.exe (PID: 1344)
      • MsiExec.exe (PID: 3788)

    • Reads the hosts file

      • MinecraftLauncher.exe (PID: 2616)
      • MinecraftLauncher.exe (PID: 304)

    • Dropped object may contain Bitcoin addresses

      • MinecraftLauncher.exe (PID: 2616)

    • Reads settings of System Certificates

      • MinecraftLauncher.exe (PID: 304)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.

TRiD

.msi | Microsoft Windows Installer (95.3)
.doc | Microsoft Word document (old ver.) (3.2)
.msi | Microsoft Installer (100)

EXIF

FlashPix

CodePage: Windows Latin 1 (Western European)
Title: Installation Database
Subject: Minecraft Launcher
Author: Mojang
Keywords: Installer
Comments: This installer database contains the logic and data required to install Minecraft Launcher.
Template: Intel;1033
RevisionNumber: {BCF7F5DA-2F2D-4830-B22B-278AC804C413}
CreateDate: 2021:03:01 13:15:38
ModifyDate: 2021:03:01 13:15:38
Pages: 200
Words: 2
Software: Windows Installer XML Toolset (3.9.1006.0)
Security: Read-only recommended
No data.
screenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshotscreenshot
All screenshots are available in the full report
All screenshots are available in the full report
Total processes
50
Monitored processes
10
Malicious processes
5
Suspicious processes
2

Behavior graph

Click at the process to see the details
start msiexec.exe msiexec.exe no specs msiexec.exe no specs msiexec.exe no specs minecraftlauncher.exe minecraftlauncher.exe minecraftlauncher.exe minecraftlauncher.exe no specs minecraftlauncher.exe minecraftlauncher.exe no specs

Process information

PID
CMD
Path
Indicators
Parent process
304"C:\Program Files\Minecraft Launcher\MinecraftLauncher.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1488,3125605726604140704,17702589064726444577,131072 --enable-features=CastMediaRouteProvider --lang=en-US --service-sandbox-type=network --no-sandbox --log-file="C:\Users\admin\AppData\Roaming\.minecraft\launcher_cef_log.txt" --log-severity=info --lang=en-US --launcherui --log-file="C:\Users\admin\AppData\Roaming\.minecraft\launcher_cef_log.txt" --mojo-platform-channel-handle=1752 /prefetch:8C:\Program Files\Minecraft Launcher\MinecraftLauncher.exe
MinecraftLauncher.exe
User:
admin
Company:
Mojang
Integrity Level:
MEDIUM
Description:
Minecraft launcher
Exit code:
0
Version:
1.0.1.0
Modules
Images
c:\program files\minecraft launcher\minecraftlauncher.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\webio.dll
c:\windows\system32\gdi32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\user32.dll
892"C:\Program Files\Minecraft Launcher\MinecraftLauncher.exe" --type=gpu-process --field-trial-handle=1488,3125605726604140704,17702589064726444577,131072 --enable-features=CastMediaRouteProvider --no-sandbox --log-file="C:\Users\admin\AppData\Roaming\.minecraft\launcher_cef_log.txt" --log-severity=info --lang=en-US --launcherui --gpu-preferences=MAAAAAAAAADgACAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --log-file="C:\Users\admin\AppData\Roaming\.minecraft\launcher_cef_log.txt" --mojo-platform-channel-handle=1472 /prefetch:2C:\Program Files\Minecraft Launcher\MinecraftLauncher.exe
MinecraftLauncher.exe
User:
admin
Company:
Mojang
Integrity Level:
MEDIUM
Description:
Minecraft launcher
Exit code:
0
Version:
1.0.1.0
Modules
Images
c:\program files\minecraft launcher\minecraftlauncher.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\webio.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
1340"C:\Windows\System32\msiexec.exe" /i "C:\Users\admin\AppData\Local\Temp\MinecraftInstaller.msi"C:\Windows\System32\msiexec.exe
explorer.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Windows® installer
Exit code:
0
Version:
5.0.7600.16385 (win7_rtm.090713-1255)
Modules
Images
c:\windows\system32\msiexec.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
1344C:\Windows\system32\MsiExec.exe -Embedding 81ADE924D0DDC7DCA35FD703814E12FC CC:\Windows\system32\MsiExec.exemsiexec.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Windows® installer
Exit code:
0
Version:
5.0.7600.16385 (win7_rtm.090713-1255)
Modules
Images
c:\windows\system32\msiexec.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
2216"C:\Program Files\Minecraft Launcher\MinecraftLauncher.exe" --type=renderer --no-sandbox --log-file="C:\Users\admin\AppData\Roaming\.minecraft\launcher_cef_log.txt" --field-trial-handle=1488,3125605726604140704,17702589064726444577,131072 --enable-features=CastMediaRouteProvider --lang=en-US --log-file="C:\Users\admin\AppData\Roaming\.minecraft\launcher_cef_log.txt" --log-severity=info --launcherui --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1812 /prefetch:1C:\Program Files\Minecraft Launcher\MinecraftLauncher.exeMinecraftLauncher.exe
User:
admin
Company:
Mojang
Integrity Level:
MEDIUM
Description:
Minecraft launcher
Exit code:
0
Version:
1.0.1.0
Modules
Images
c:\program files\minecraft launcher\minecraftlauncher.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\webio.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
2388"C:\Program Files\Minecraft Launcher\MinecraftLauncher.exe" --type=gpu-process --field-trial-handle=1488,3125605726604140704,17702589064726444577,131072 --enable-features=CastMediaRouteProvider --no-sandbox --log-file="C:\Users\admin\AppData\Roaming\.minecraft\launcher_cef_log.txt" --log-severity=info --lang=en-US --launcherui --gpu-preferences=MAAAAAAAAADgACAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --use-gl=swiftshader-webgl --log-file="C:\Users\admin\AppData\Roaming\.minecraft\launcher_cef_log.txt" --mojo-platform-channel-handle=1472 /prefetch:2C:\Program Files\Minecraft Launcher\MinecraftLauncher.exeMinecraftLauncher.exe
User:
admin
Company:
Mojang
Integrity Level:
MEDIUM
Description:
Minecraft launcher
Exit code:
0
Version:
1.0.1.0
Modules
Images
c:\program files\minecraft launcher\minecraftlauncher.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\webio.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
2616"C:\Program Files\Minecraft Launcher\MinecraftLauncher.exe" C:\Program Files\Minecraft Launcher\MinecraftLauncher.exe
MsiExec.exe
User:
admin
Company:
Mojang
Integrity Level:
MEDIUM
Description:
Minecraft launcher
Exit code:
3221225547
Version:
1.0.1.0
Modules
Images
c:\program files\minecraft launcher\minecraftlauncher.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\webio.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
3148C:\Windows\system32\MsiExec.exe -Embedding D9D6CEDC51438E8CD0462EE16EE09674C:\Windows\system32\MsiExec.exemsiexec.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Windows® installer
Exit code:
0
Version:
5.0.7600.16385 (win7_rtm.090713-1255)
Modules
Images
c:\windows\system32\msiexec.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
3788C:\Windows\system32\MsiExec.exe -Embedding A409F516BC99F4C963DF7181C283DF0F M Global\MSI0000C:\Windows\system32\MsiExec.exemsiexec.exe
User:
SYSTEM
Company:
Microsoft Corporation
Integrity Level:
SYSTEM
Description:
Windows® installer
Exit code:
0
Version:
5.0.7600.16385 (win7_rtm.090713-1255)
Modules
Images
c:\windows\system32\msiexec.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
4060"C:\Program Files\Minecraft Launcher\MinecraftLauncher.exe" --type=renderer --no-sandbox --log-file="C:\Users\admin\AppData\Roaming\.minecraft\launcher_cef_log.txt" --field-trial-handle=1488,3125605726604140704,17702589064726444577,131072 --enable-features=CastMediaRouteProvider --lang=en-US --log-file="C:\Users\admin\AppData\Roaming\.minecraft\launcher_cef_log.txt" --log-severity=info --launcherui --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1844 /prefetch:1C:\Program Files\Minecraft Launcher\MinecraftLauncher.exe
MinecraftLauncher.exe
User:
admin
Company:
Mojang
Integrity Level:
MEDIUM
Description:
Minecraft launcher
Exit code:
0
Version:
1.0.1.0
Modules
Images
c:\program files\minecraft launcher\minecraftlauncher.exe
c:\systemroot\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\webio.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
Total events
279
Read events
238
Write events
41
Delete events
0

Modification events

(PID) Process:(1340) msiexec.exeKey:HKEY_CLASSES_ROOT\Local Settings\MuiCache\13D\52C64B7E
Operation:writeName:LanguageList
Value:
en-US
(PID) Process:(1340) msiexec.exeKey:HKEY_CLASSES_ROOT\Local Settings\MuiCache\13D\52C64B7E
Operation:writeName:@%SystemRoot%\system32\p2pcollab.dll,-8042
Value:
Peer to Peer Trust
(PID) Process:(1340) msiexec.exeKey:HKEY_CLASSES_ROOT\Local Settings\MuiCache\13D\52C64B7E
Operation:writeName:@%SystemRoot%\system32\qagentrt.dll,-10
Value:
System Health Authentication
(PID) Process:(1340) msiexec.exeKey:HKEY_CLASSES_ROOT\Local Settings\MuiCache\13D\52C64B7E
Operation:writeName:@%SystemRoot%\system32\dnsapi.dll,-103
Value:
Domain Name System (DNS) Server Trust
(PID) Process:(1340) msiexec.exeKey:HKEY_CLASSES_ROOT\Local Settings\MuiCache\13D\52C64B7E
Operation:writeName:@%SystemRoot%\System32\fveui.dll,-843
Value:
BitLocker Drive Encryption
(PID) Process:(1340) msiexec.exeKey:HKEY_CLASSES_ROOT\Local Settings\MuiCache\13D\52C64B7E
Operation:writeName:@%SystemRoot%\System32\fveui.dll,-844
Value:
BitLocker Data Recovery Agent
(PID) Process:(1344) MsiExec.exeKey:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Operation:writeName:UNCAsIntranet
Value:
0
(PID) Process:(1344) MsiExec.exeKey:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Operation:writeName:AutoDetect
Value:
1
(PID) Process:(2616) MinecraftLauncher.exeKey:HKEY_CURRENT_USER\Software\Microsoft\Direct3D\MostRecentApplication
Operation:writeName:Name
Value:
MinecraftLauncher.exe
(PID) Process:(892) MinecraftLauncher.exeKey:HKEY_CURRENT_USER\Software\Microsoft\Direct3D\MostRecentApplication
Operation:writeName:Name
Value:
MinecraftLauncher.exe
Executable files
8
Suspicious files
71
Text files
25
Unknown types
66

Dropped files

PID
Process
Filename
Type
1340msiexec.exeC:\Users\admin\AppData\Local\Temp\MSI9FBB.tmp
MD5:
SHA256:
2616MinecraftLauncher.exeC:\Users\admin\AppData\Local\Temp\MinecraftLauncher\PistonStaging\e6e37e19a04a55944bdfba6f9359bbe0ea8402fccompressed
MD5:9CA3967C2B8C129AE60211DEC8E202CF
SHA256:EFD4C26066D5EC3F103821367F4F23963E2CD9B231DFF3466A8BC13D8BC80396
1340msiexec.exeC:\Users\admin\AppData\Local\Temp\MSIF4D1.tmpexecutable
MD5:785EE78478D43F00870E91FA96B94646
SHA256:B8665993CD5F7224E35C122A5C1965F8C4F2B4D9D41F75160B515E66F9AFFC53
2616MinecraftLauncher.exeC:\Users\admin\AppData\Local\Temp\MinecraftLauncher\PistonStaging\1ad557cecf3d54a5fbe471ceab189d344fef347cpgc
MD5:50A6D9AB74EBFAEDA5BAA28997149977
SHA256:C8F7697BDB4AA19722B975DD2126BAF8C2EDB5C0A58E2D64A6FEFA4CBB8335EC
2616MinecraftLauncher.exeC:\Users\admin\AppData\Local\Temp\MinecraftLauncher\PistonStaging\2da1b18943265f473f6b87b63132dbb2398ff487pgc
MD5:4CEC40309DC9E4BF0F0CC915AEB6C9AC
SHA256:6267CB52B0CA5593CF402139E736EB4F1D6BC3F2EAB4C6DEB99934711050EF4F
2616MinecraftLauncher.exeC:\Users\admin\AppData\Local\Temp\MinecraftLauncher\PistonStaging\a29dee681aac5a851bcec0edc8f859aadd37e8ebcompressed
MD5:4EF56D7FB89225A31101C56159D99239
SHA256:506412E606E7B6A9F05E56286BEF662E43793F0AB79EDBE3373C7E76C13D298D
2616MinecraftLauncher.exeC:\Users\admin\AppData\Local\Temp\MinecraftLauncher\PistonStaging\229367ac0be0a2da9d6338cba6f45c07f790140cpgc
MD5:C294094045246DA46492204F2920D74F
SHA256:8E8882C3D420231E1DDD1329E259CD8DC38FE392727AA74CFA4DF57125D4CFB3
2616MinecraftLauncher.exeC:\Users\admin\AppData\Local\Temp\MinecraftLauncher\PistonStaging\fb5af43ba527f0b03f6e5db0dba870df7acecf77compressed
MD5:DF760DE76F1E594F990079AA61FFA2EF
SHA256:4DBA7F6D91294323755D03E6E6F17A8384E73F38E6577939E703E0ADA0F2A720
2616MinecraftLauncher.exeC:\Users\admin\AppData\Local\Temp\MinecraftLauncher\PistonStaging\a000ac66ef525e08decc62f37bfb0dd031fd8790compressed
MD5:576802788D183533E7121F3D3A3C10A3
SHA256:E985DA20674BA19C45C66F6AD56EC7B6E8437C05F1FE269BF3CEF047E067FD30
2616MinecraftLauncher.exeC:\Users\admin\AppData\Local\Temp\MinecraftLauncher\PistonStaging\91b918c8d9c842535c006cad51fef1f7a4df3df4compressed
MD5:88E34632F0ED3990828CECCDCAA4B411
SHA256:0FD1B7FA3230CF6B124B30E4B5333D66C906301A24E6CCC1356841B48C7FD195
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
0
TCP/UDP connections
20
DNS requests
9
Threats
0

HTTP requests

No HTTP requests
Download PCAP, analyze network streams, HTTP content and a lot more at the full report

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
2616
MinecraftLauncher.exe
13.225.79.128:443
launchermeta.mojang.com
US
suspicious
2616
MinecraftLauncher.exe
13.224.189.128:443
launcher.mojang.com
US
unknown
2616
MinecraftLauncher.exe
35.188.42.15:443
sentry.io
Google Inc.
US
whitelisted
2616
MinecraftLauncher.exe
152.199.21.175:443
piston-meta.mojang.com
MCI Communications Services, Inc. d/b/a Verizon Business
US
whitelisted
2616
MinecraftLauncher.exe
52.184.201.245:443
title.mgt.xboxlive.com
Microsoft Corporation
US
unknown
2616
MinecraftLauncher.exe
40.91.79.216:443
device.auth.xboxlive.com
Microsoft Corporation
US
unknown
2616
MinecraftLauncher.exe
13.107.213.19:443
launchercontent.mojang.com
Microsoft Corporation
US
suspicious
304
MinecraftLauncher.exe
13.107.246.19:443
launchercontent.mojang.com
Microsoft Corporation
US
suspicious

DNS requests

Domain
IP
Reputation
launchermeta.mojang.com
  • 13.225.79.128
whitelisted
launcher.mojang.com
  • 13.224.189.128
whitelisted
sentry.io
  • 35.188.42.15
whitelisted
piston-meta.mojang.com
  • 152.199.21.175
suspicious
title.mgt.xboxlive.com
  • 52.184.201.245
unknown
device.auth.xboxlive.com
  • 40.91.79.216
unknown
launchercontent.mojang.com
  • 13.107.213.19
  • 13.107.246.19
whitelisted

Threats

No threats detected
Process
Message
MinecraftLauncher.exe
[0321/212343.506:INFO:main_context.cpp(136)] CEF initialized successfully.
MinecraftLauncher.exe
[0321/212343.506:INFO:main_context.cpp(138)] CEF version: 85.3.13+gcd6cbe0+chromium-85.0.4183.121
MinecraftLauncher.exe
[0321/212344.287:ERROR:gl_surface_egl.cc(741)] EGL Driver message (Critical) eglInitialize: No available renderers.
MinecraftLauncher.exe
[0321/212344.287:ERROR:gl_surface_egl.cc(1247)] eglInitialize D3D11 failed with error EGL_NOT_INITIALIZED, trying next display type
MinecraftLauncher.exe
[0321/212345.412:ERROR:gl_surface_egl.cc(741)] EGL Driver message (Critical) eglInitialize: No available renderers.
MinecraftLauncher.exe
[0321/212345.412:ERROR:gl_surface_egl.cc(1247)] eglInitialize D3D9 failed with error EGL_NOT_INITIALIZED
MinecraftLauncher.exe
[0321/212345.412:ERROR:gl_initializer_win.cc(196)] GLSurfaceEGL::InitializeOneOff failed.
MinecraftLauncher.exe
[0321/212345.412:ERROR:viz_main_impl.cc(150)] Exiting GPU process due to errors during initialization
MinecraftLauncher.exe
[0321/212408.964:INFO:LauncherAppRenderer.cpp(505)] OnContextReleased: no frame (unknown context), browser id=1
Interactive malware hunting service ANY.RUN
© 2017-2026 ANY.RUN ALL RIGHTS RESERVED
ANY.RUN
Reports
MinecraftInstaller.msi