» java-install.exe
Overview
Analysis
File Details
Downloads (2)

java-install.exe

The executable java-install.exe has been detected as malware by 16 anti-virus scanners. This is a setup and installation application, however the file is not signed with an authenticode signature from a trusted source. The file has been seen being downloaded from www.4shared.com and multiple other hosts.

File name:

java-install.exe

MD5:

11156835946585704738e7e0f209e235

SHA-1:

e759ea10cce47af56039db4a4b5e4ac0a1ca2204

SHA-256:

9206995496f1cba1dd2e1b52da4c8aba7ed9210e554c0f4030e98ff5883a043c

Scanner detections:

16 / 68

Status:

Malware

Analysis date:

4/19/2024 11:33:48 PM UTC (a few moments ago)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Symmi.53495

385

AhnLab V3 Security

Trojan/Win32.Dynamer

2015.12.06

Arcabit

Trojan.Symmi.DD0F7

1.0.0.628

avast!

Win32:Banker-MPF [Trj]

2014.9-160116

Baidu Antivirus

Trojan.Win32.Banload

4.0.3.16116

Bitdefender

Gen:Variant.Symmi.53495

1.0.20.80

Emsisoft Anti-Malware

Gen:Variant.Symmi.53495

8.16.01.16.07

ESET NOD32

Win32/TrojanDownloader.Banload.WTT (variant)

10.12676

F-Secure

Gen:Variant.Symmi.53495

11.2016-16-01_7

G Data

Gen:Variant.Symmi.53495

16.1.25

IKARUS anti.virus

Trojan-Downloader.Win32.Banload

t3scan.1.9.5.0

Kaspersky

HEUR:Trojan.Win32.Generic

14.0.0.809

Malwarebytes

Trojan.Banload.IM

v2016.01.16.07

MicroWorld eScan

Gen:Variant.Symmi.53495

17.0.0.48

Qihoo 360 Security

HEUR/QVM05.1.Malware.Gen

1.0.0.1077

Vba32 AntiVirus

suspected of Trojan.Downloader.gen.h

3.12.26.4

File size:

788 KB (806,912 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\java-install.exe

File PE Metadata

Compilation timestamp:

6/19/1992 7:22:17 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

24576:0lm/B8W5AhLWyiEyGCnPJr8sTU+NxMd6y:0cqiSy/nR/TPbC6y

Entry address:

0xA810C

Entry point:

55, 8B, EC, 83, C4, F0, B8, E4, 7D, 4A, 00, E8, 74, EA, F5, FF, A1, D0, 0F, 4B, 00, 8B, 00, E8, 50, 09, FC, FF, A1, D0, 0F, 4B, 00, 8B, 00, C6, 40, 5B, 00, 8B, 0D, 0C, 11, 4B, 00, A1, D0, 0F, 4B, 00, 8B, 00, 8B, 15, AC, 40, 49, 00, E8, 45, 09, FC, FF, 8B, 0D, 4C, 11, 4B, 00, A1, D0, 0F, 4B, 00, 8B, 00, 8B, 15, A8, 78, 4A, 00, E8, 2D, 09, FC, FF, A1, D0, 0F, 4B, 00, 8B, 00, E8, A1, 09, FC, FF, E8, 00, C3, F5, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

668.5 KB (684,544 bytes)

The file java-install.exe has been seen being distributed by the following 2 URLs.

http://www.4shared.com/download/.../Java-Install.exe

Remove java-install.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.