java.exe

The application java.exe has been detected as a potentially unwanted program by 24 anti-malware scanners. This is a setup program which is used to install the application. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent. The file has been seen being downloaded from www.lateanteviru.com.
MD5: 4bcd32d3e9c147aeef9956094f8628b5
SHA-1: 8dfef7818c4a194a675ea04e5b12a3dbd8b1f765
SHA-256: 4e86dd6fe261b075bc64ae71a9a91e543ec8c5086da51bdde03617ad3a81723d
Scanner detections: 24 / 68
Status: Potentially unwanted
Analysis date: 4/27/2024 4:22:38 AM UTC (today)

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Application.Bundler.DomaIQ.3 | 1005 |
| Agnitum Outpost | PUA.DomaIQ | 7.1.1 |
| AhnLab V3 Security | PUP/Win32.DomaIQ | 14.05.05 |
| Avira AntiVirus | APPL/DomaIQ.Gen | 7.11.146.238 |
| AVG | DomaIQ | 2015.0.3483 |
| Bitdefender | Gen:Variant.Application.Bundler.DomaIQ.3 | 1.0.20.625 |
| Comodo Security | Application.Win32.DomaIQ.PUP | 18209 |
| Dr.Web | Adware.Downware.2630 | 9.0.1.0125 |
| ESET NOD32 | Win32/DomaIQ.BB (variant) | 8.9753 |
| F-Secure | Gen:Variant.Application.Bundler | 11.2014-05-05_2 |
| G Data | Gen:Variant.Application.Bundler.DomaIQ | 14.5.24 |
| IKARUS anti.virus | Win32.SuspectCrc | t3scan.1.6.1.0 |
| K7 AntiVirus | Unwanted-Program | 13.177.11965 |
| Kaspersky | not-a-virus:AdWare.MSIL.DomaIQ | 14.0.0.3911 |
| Malwarebytes | PUP.Optional.DomaIQ | v2014.05.05.07 |
| McAfee | Artemis!A568391114B9 | 5600.7139 |
| MicroWorld eScan | Gen:Variant.Application.Bundler.DomaIQ.3 | 15.0.0.375 |
| Panda Antivirus | PUP/MultiToolbar.A | 14.05.05.07 |
| Reason Heuristics | Threat.Win.Reputation.IMP | 14.5.5.19 |
| Sophos | Generic PUA AH | 4.98 |
| SUPERAntiSpyware | Trojan.Agent/Gen-Nullo[Short] | 10623 |
| Vba32 AntiVirus | Downware.DomaIQ | 3.12.26.0 |
| VIPRE Antivirus | DomaIQ | 28812 |
| Zillya! Antivirus | Adware.DomaIQ.Win32.222 | 2.0.0.1776 |

File size: 619.9 KB (634,752 bytes)
File type: Executable application (Win32 EXE)
Common path: C:\users\{user}\downloads\java.exe

File PE Metadata
Compilation timestamp: 4/11/2014 7:55:38 AM
OS version: 5.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 9.0
CTPH (ssdeep): 6144:mHL7anD8b/2lQbZtUaQ9e0CjGO5951fWjjkcwZEV1lJwgYp:8SnD8rAe0CjGA9fWXkclV1lJG
Entry address: 0x2E4D
Entry point: E8, FC, 1E, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 5D, E9, 82, 04, 00, 00, 3B, 0D, AC, 31, 42, 00, 75, 02, F3, C3, E9, 73, 1F, 00, 00, 8B, FF, 55, 8B, EC, 8B, 45, 14, 56, 57, 33, FF, 3B, C7, 74, 47, 39, 7D, 08, 75, 1B, E8, C3, 25, 00, 00, 6A, 16, 5E, 89, 30, 57, 57, 57, 57, 57, E8, 31, 25, 00, 00, 83, C4, 14, 8B, C6, EB, 29, 39, 7D, 10, 74, E0, 39, 45, 0C, 73, 0E, E8, 9E, 25, 00, 00, 6A, 22, 59, 89, 08, 8B, F1, EB, D7, 50, FF, 75, 10, FF, 75, 08, E8, 2B, 20, 00, 00, 83, C4, 0C, 33, C0, 5F, 5E, 5D...

Code size: 111 KB (113,664 bytes)

The file java.exe has been seen being distributed by the following URL.
