» flyordiejavainstaller64.exe
Overview
Analysis
File Details
Downloads (1)

flyordiejavainstaller64.exe

Solware IT Ltd

File name:

Publisher:

Solware IT Ltd (signed and verified)

MD5:

5318ebf4a4e3241b98e6685a993251e9

SHA-1:

748176a85e5a168f1425e0fb8140fc2bd3244033

SHA-256:

26f7e0e159de437a2a7ce0b8aba1c439229a7b70c28ac451b4fd56e614eff58f

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/26/2024 7:08:58 PM UTC (today)

File size:

32.2 KB (32,928 bytes)

File type:

Executable application (Win64 EXE)

Common path:

C:\users\{user}\downloads\flyordiejavainstaller64.exe

Digital Signature

Signed by:

Solware IT Ltd

Authority:

GlobalSign nv-sa

Valid from:

12/22/2014 5:42:21 PM

Valid to:

1/21/2018 6:31:01 PM

Subject:

CN=Solware IT Ltd, OU=FlyOrDie Games, O=Solware IT Ltd, L=Godollo, S=Pest, C=HU

Issuer:

CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:

1121BBC23E720710A66329CA17FAB6EC450C

File PE Metadata

Compilation timestamp:

4/2/2015 4:58:17 PM

OS version:

5.2

OS bitness:

Win64

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

384:uonsy7kFlF90L/myXOE5nHXHXfTec2to1uRPDlng6ZIvlDMNqmaT+HgeWAGnLr3+:RsljADaPhfZydMsT+Hgd/HZyL

Entry address:

0x2440

Entry point:

48, 83, EC, 58, 33, C9, FF, 15, 54, 0C, 00, 00, 48, 8B, C8, E8, FC, FC, FF, FF, 85, C0, 74, 5D, E8, 73, F5, FF, FF, 48, 8D, 4C, 24, 20, 45, 33, C9, 45, 33, C0, 33, D2, FF, 15, 50, 0D, 00, 00, 85, C0, 74, 2D, 48, 8D, 4C, 24, 20, FF, 15, 49, 0D, 00, 00, 48, 8D, 4C, 24, 20, FF, 15, 7E, 0C, 00, 00, 48, 8D, 4C, 24, 20, 45, 33, C9, 45, 33, C0, 33, D2, FF, 15, 23, 0D, 00, 00, 85, C0, 75, D3, 48, 8B, 0D, 00, 1E, 01, 00, 48, 8D, 15, F9, 0E, 00, 00, FF, 15, 63, 0B, 00, 00, 33, C9, FF, 15, 8B, 0B, 00, 00, CC, CC, CC... 
[+]

Entropy:

5.7769

Code size:

7 KB (7,168 bytes)

The file flyordiejavainstaller64.exe has been seen being distributed by the following URL.

http://www.flyordie.com/games/.../FlyordieJavaInstaller64.exe

Scan flyordiejavainstaller64.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.