» java_setup.exe
Overview
Analysis
File Details
Downloads (1)

java_setup.exe

The application java_setup.exe has been detected as a potentially unwanted program by 35 anti-malware scanners. This program installs potentially unwanted software on your PC at the same time as the software you are trying to install, without adequate consent. The file has been seen being downloaded from secure.15-pn-installer.com.

File name:

java_setup.exe

MD5:

88da51ca17afcb41b26f48220a419669

SHA-1:

f6702b2780b6a99f0a01d824860d1d59a9d2e9af

SHA-256:

6539b7fb88a309e48db42af04d38c643d3bd909b91c1b528bc7dc739ea01dfef

Scanner detections:

35 / 68

Status:

Potentially unwanted

Analysis date:

4/19/2024 11:08:30 PM UTC (a few moments ago)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Adware.Symmi.44025

828

Agnitum Outpost

PUA.iBryte

7.1.1

AhnLab V3 Security

PUP/Win32.OptimumInstaller

2014.07.13

Avira AntiVirus

TR/Trash.Gen

7.11.30.172

avast!

Win32:IBryte-EE [PUP]

141025-0

AVG

Adware AdPlugin

2015.0.3306

Bitdefender

Gen:Variant.Adware.Symmi.44025

1.0.20.1515

Bkav FE

W32.VikesluLTAH.Adware

1.3.0.4959

Clam AntiVirus

Win.Adware.Ibryte-678

0.98/19246

Comodo Security

TrojWare.Win32.IBryte.AE

18809

Dr.Web

Trojan.DownLoader11.25708

9.0.1.0303

Emsisoft Anti-Malware

Application.Bundler.OptimumInstaller.K

8.14.10.30.10

ESET NOD32

Win32/AdWare.iBryte.AN application

8.7.0.302.0

F-Prot

W32/A-c255719d

v6.4.7.1.166

F-Secure

Application.Bundler.AO

11.2014-30-10_5

G Data

Win32.Adware.IBryte

14.10.24

IKARUS anti.virus

Win32.SuspectCrc

t3scan.1.6.1.0

K7 AntiVirus

Unwanted-Program

13.180.12657

Kaspersky

not-a-virus:AdWare.Win32.iBryte

14.0.0.3023

Malwarebytes

PUP.Optional.OptimumInstaller.A

v2014.10.30.10

McAfee

Trojan.Artemis!48B17064A988

5600.6962

MicroWorld eScan

Gen:Variant.Adware.Symmi.44025

15.0.0.909

NANO AntiVirus

Riskware.Win32.IBryte.dbjabf

0.28.0.60698

Norman

IBryte.PDB

11.20141030

nProtect

Trojan-Clicker/W32.iBryte.227192

14.08.14.01

Panda Antivirus

Trj/Genetic.gen

14.10.30.10

Qihoo 360 Security

Malware.QVM10.Gen

1.0.0.1015

Quick Heal

Adware.iBryte.DK4

10.14.14.00

Reason Heuristics

Threat.Win.Reputation.IMP

14.10.30.10

Rising Antivirus

PE:Malware.Agent!6.175E

23.00.65.141028

Sophos

iBryte Optimum Installer

4.98

SUPERAntiSpyware

Trojan.Agent/Gen-Nullo[Short]

10267

Vba32 AntiVirus

Signed-Adware.iBryte

3.12.26.3

VIPRE Antivirus

Threat.4778314

31088

Zillya! Antivirus

Backdoor.PePatch.Win32.38062

2.0.0.1851

File size:

94.9 KB (97,144 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\java_setup.exe

File PE Metadata

Compilation timestamp:

7/31/2014 6:25:53 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

1536:59o8OdEjn3Z6ZaPuSC6OPKjdE27KFcMENF5yeOv:vo8OdEjn3caPrOPKjd4gyes

Entry address:

0x5FFD

Entry point:

E8, 46, 05, 00, 00, E9, 36, FD, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 08, A2, 40, 00, 89, 0D, 04, A2, 40, 00, 89, 15, 00, A2, 40, 00, 89, 1D, FC, A1, 40, 00, 89, 35, F8, A1, 40, 00, 89, 3D, F4, A1, 40, 00, 66, 8C, 15, 20, A2, 40, 00, 66, 8C, 0D, 14, A2, 40, 00, 66, 8C, 1D, F0, A1, 40, 00, 66, 8C, 05, EC, A1, 40, 00, 66, 8C, 25, E8, A1, 40, 00, 66, 8C, 2D, E4, A1, 40, 00, 9C, 8F, 05, 18, A2, 40, 00, 8B, 45, 00, A3, 0C, A2, 40, 00, 8B, 45, 04, A3, 10, A2, 40, 00, 8D, 45, 08, A3, 1C, A2, 40... 
[+]

Entropy:

5.4727

Code size:

23.5 KB (24,064 bytes)

The file java_setup.exe has been seen being distributed by the following URL.

http://secure.15-pn-installer.com/o/.../java_setup.exe

Remove java_setup.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.