» air111.exe
Overview
Analysis
File Details
Programs (1)
Downloads (71)

air111.exe

Java Platform SE 7

Oracle America, Inc.

This is a setup program which is used to install the application. The file has been seen being downloaded from download.apphit.com and multiple other hosts.

File name:

air111.exe

Publisher:

Oracle Corporation (signed by Oracle America, Inc.)

Product:

Java(TM) Platform SE 7

Description:

Java(TM) Platform SE binary

Version:

7.0.0.147

MD5:

437a642ccd729090ac98ec7b770c8ddc

SHA-1:

0faa00705651531c831380a6af83b564b995ecb0

SHA-256:

6b36461ccdc494f5ffb73fb80f7ba8c22c1889077f002380f896182135669f87

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/26/2024 5:10:01 AM UTC (today)

File size:

19.3 MB (20,196,744 bytes)

Product version:

7.0.0.147

Original file name:

jinstall.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\appdata\local\temp\air111.exe

Digital Signature

Signed by:

Oracle America, Inc.

Authority:

VeriSign, Inc.

Valid from:

7/7/2010 5:30:00 AM

Valid to:

7/7/2013 5:29:59 AM

Subject:

CN="Oracle America, Inc.", OU=Software Engineering, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Oracle America, Inc.", L=Redwood Shores, S=California, C=US

Issuer:

CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

5EF1DC1EFB1E46B5DE80EDE1762A55A7

File PE Metadata

Compilation timestamp:

6/27/2011 4:24:37 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

393216:lsyUayzhqJFum7SiMzw1twWeLYsOO/WoiPruYwdIp:lsyUT8am+c7l5sQoijUI

Entry address:

0x178B0

Entry point:

E8, EA, 6D, 00, 00, E9, 89, FE, FF, FF, 6A, 0C, 68, 38, DD, 42, 00, E8, 7A, 0A, 00, 00, 6A, 0E, E8, C7, 30, 00, 00, 59, 83, 65, FC, 00, 8B, 75, 08, 8B, 4E, 04, 85, C9, 74, 2F, A1, 28, 31, 43, 00, BA, 24, 31, 43, 00, 89, 45, E4, 85, C0, 74, 11, 39, 08, 75, 2C, 8B, 48, 04, 89, 4A, 04, 50, E8, A3, BE, FF, FF, 59, FF, 76, 04, E8, 9A, BE, FF, FF, 59, 83, 66, 04, 00, C7, 45, FC, FE, FF, FF, FF, E8, 0A, 00, 00, 00, E8, 69, 0A, 00, 00, C3, 8B, D0, EB, C5, 6A, 0E, E8, 93, 2F, 00, 00, 59, C3, 8B, FF, 55, 8B, EC, 8B... 
[+]

Entropy:

7.8801 (probably packed)

Code size:

145 KB (148,480 bytes)

The file air111.exe has been discovered within the following program.

Edna & Harvey: The Breakout by Daedalic Entertainment

Edna & Harvey: The Breakout is a Windows PC video game published by Daedalic.

edna.daedalic.de

About 4% of users remove it

The file air111.exe has been seen being distributed by the following 50 URLs.

http://download.apphit.com/166/.../Java_Runtime_Environment_1_7_0_0_32_bit.exe

http://s7089.chomikuj.pl/File.aspx?e=hLF73QRR-pXg2XWMJN9BqEzT0FAFTRuhZjfTScbjhNV-hQnxynhR3kIdzVNgOLneYmRP8900o19R4OMUq6JBWj4rdgWhi0j-aDPF_ceyjy6HMsPZTVZ9STxihelPT2NKnHQ42P5NLouZq8jP4dIKZA&pv=2

http://filehippo.com/fr/download/file/.../

http://s7089.chomikuj.pl/File.aspx?e=hLF73QRR-pXg2XWMJN9BqEzT0FAFTRuhZjfTScbjhNV24IKhTSee0iGCe65W41NSgNeTQJ36yhG_XRjpiAOrgrJ6xeHJYiEMwZ24_IE_gEvWAmQCkAdFjN8C90DhB7HlQ21VfEZ4eoP1oJtXAcDnrw&pv=2

http://filehippo.com/download/file/.../

http://s7089.chomikuj.pl/File.aspx?e=hLF73QRR-pXg2XWMJN9BqEzT0FAFTRuhZjfTScbjhNXIk2BLz0gjuIduuoC6gChaT0mLSrmtS8kbAjT-m2s93uT2QrNbAzuBiHYdIzG-idWSO3Sx886fkH1fNMgYiVnRW1vtNd60xtQ-6yYBEQ46XA&pv=2

http://192.168.1.210:7777/forms/.../jre-7-windows-i586.exe

http://filehippo.com/download/file/.../

http://usite.mirror.hu/.../Oracle-Sun.Java-1.7.exe

http://172.16.0.205/jre.exe

http://filehippo.com/download/file/.../

http://s7089.chomikuj.pl/File.aspx?e=hLF73QRR-pXg2XWMJN9BqEzT0FAFTRuhZjfTScbjhNV6bZFmiX-zDV6XWCx5wjiCYsXAyCtBlLeCHlGODMdwz_53OTglFOZVpKE9iWlO9XEAtRH9SKGiMObDMizQYWzXScN38VoY3HF9JRe0iAujvg&pv=2

http://www.londrisoft.com/.../java32.exe

http://filehippo.com/fr/download/file/.../

http://fnetae:9080/WorkplaceXT/.../jre-7-windows-i586.exe

http://s7089.chomikuj.pl/File.aspx?e=hLF73QRR-pXg2XWMJN9BqEzT0FAFTRuhZjfTScbjhNUaCw4i_cUQ9ZBg2XippExz__6WgmJypZt1Bbo3XOZAWYihdP5BE6Rca27h0-X86hnFr3TRYWbcPHSsq_ac1ToCng55ZJza4S6OD52wePMdYQ&pv=2

https://mercurio.europassistance.it/client/dir/.../jre-7-windows-i586.exe

http://s7089.chomikuj.pl/File.aspx?e=hLF73QRR-pXg2XWMJN9BqEzT0FAFTRuhZjfTScbjhNVqj2s6Dw7j58v0CXYo6OhkxH0SgKdhqqqC0P5dB203XCJRFf8xMQxKXwj2w9vTLoKaywImIJ3kIhVaArDVWOPcPf38iKrA1zyT9tevUY-iFQ&pv=2

http://filehippo.com/fr/download/file/.../

http://s7089.chomikuj.pl/File.aspx?e=hLF73QRR-pXg2XWMJN9BqEzT0FAFTRuhZjfTScbjhNX9bQatcAPOzotvQaqeAYm-A-2kjuer-7WjAaUVyRBZ2sDe3PFsHnUgzsZeG1JcvWjVUGjs6EX3afo8nsxyfbkqCMaLzfOPUsxqh28n349kqA&pv=2

http://62.251.174.71/.../jre-7-windows-i586.exe

http://www.capitalvaultsbits.com/5a37nO6_WJ2taoRuQgm AvR9 Va8CcBv3kI vi05CQRPXsvv5vyPT 5XoDolGb2V035AnN5gZhxc1gE5XeRjyuj2Z4l1buvl9bBSGjjsVCXK6O5HhVXjpHAmWyfal_4zg3ep_w6nDcmuI9ktZd1R xvTkFNQCEHnvAdcXY7ZUFm8GOgGjyXD_EXTNy3OC0X_qNTdGrS8AGROXTw6WIcC1EEe5joxbQ==-GzoAAERveH52OK8lhRI5gEMO2L89gZRCDzbGztQR0cs1JvzIvooN0lB83oNi2ynr2Y0F

http://filehippo.com/download/file/.../

http://s7089.chomikuj.pl/File.aspx?e=hLF73QRR-pXg2XWMJN9BqEzT0FAFTRuhZjfTScbjhNUj85LZf7sv-_ajFF7JdeR-rmHDYS3aImBGi6WjqIhEwNYEFJiB5Yxdes6jm0k9Jh-k4_XFvM6uFCo1Ot_obOlNz-ksn8ZAEXjTNtJBau--LA&pv=2

http://filehippo.com/download/file/.../

http://sd-cf.softonic.com/9000/9160/.../jre-7-windows-i586.exe

http://s7089.chomikuj.pl/File.aspx?e=hLF73QRR-pXg2XWMJN9BqEzT0FAFTRuhZjfTScbjhNWjEOnjYzA7bV-lleMGYbtjiolj5sPcqZQ1qKv1W4gn5_SZQSMHUg8DyjDjMjyMDnJvqJhjpIt1JcynhZVYKUwIekBLEamPaZ5kJXqQbshrvg&pv=2

http://dc263.4shared.com/download/.../jre-7-windows-i586.exe

Latest 30 of 71 download URLs

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.