home

javaw.exe

Java Platform SE 7 U51

Oracle America, Inc.

This is a setup program which is used to install the application. The file has been seen being downloaded from s6720.chomikuj.pl.
Publisher:
Oracle Corporation  (signed by Oracle America, Inc.)

Product:
Java(TM) Platform SE 7 U51

Description:
Java(TM) Platform SE binary

Version:
7.0.510.13

MD5:
83eefe83438aef9fbb7613a106c5e5bb

SHA-1:
6950eb8317e2bc348168711661a9e2a40dd4c04b

SHA-256:
964d4ea6e328d1ccfaaeca6a8e7f1bfb4adac458413d117c62e06fa6be43eac8

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 3:16:03 PM UTC  (today)

File size:
184.9 KB (189,352 bytes)

Product version:
7.0.510.13

Copyright:
Copyright © 2013

Original file name:
javaw.exe

File type:
Executable application (Win64 EXE)

Common path:
C:\Program Files\java\jre7\bin\javaw.exe

Digital Signature
Signed by:
Oracle America, Inc.

Authority:
VeriSign, Inc.

Valid from:
6/8/2013 2:00:00 AM

Valid to:
8/7/2016 1:59:59 AM

Subject:
CN="Oracle America, Inc.", OU=Software Engineering, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Oracle America, Inc.", L=Redwood Shores, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
0A4F987A769E4A353B26878A3BD3D3DE

File PE Metadata
Compilation timestamp:
12/19/2013 3:47:20 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
3072:Ab8KWPFjZhCPyC0EwcigD2TeQ4WjSz8uFc1u337BTBfugsZFfatyjZqMNQcI:28VQ50Euy2TT4/AD1u337BTBwZvjI

Entry address:
0x9F10

Entry point:
48, 83, EC, 28, E8, BB, 56, 00, 00, 48, 83, C4, 28, E9, 52, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 66, 66, 0F, 1F, 84, 00, 00, 00, 00, 00, 48, 8B, C1, 48, F7, D9, 48, A9, 07, 00, 00, 00, 74, 0F, 66, 90, 8A, 10, 48, FF, C0, 84, D2, 74, 5F, A8, 07, 75, F3, 49, B8, FF, FE, FE, FE, FE, FE, FE, 7E, 49, BB, 00, 01, 01, 01, 01, 01, 01, 81, 48, 8B, 10, 4D, 8B, C8, 48, 83, C0, 08, 4C, 03, CA, 48, F7, D2, 49, 33, D1, 49, 23, D3, 74, E8, 48, 8B, 50, F8, 84, D2, 74...
 
[+]

Code size:
99.5 KB (101,888 bytes)

Shell Open Command
Open type:
jarfile

Command:
"C:\Program Files\java\jre7\bin\javaw.exe" -jar "%1" %*


The file javaw.exe has been discovered within the following programs.

Java 7 Update 55  by Oracle Corporation
Publisher's description - “The Java Runtime Environment (JRE) provides the libraries, the Java Virtual Machine, and other components to run applets and applications written in the Java programming language.”
java.com
10% remove it
Jitsi  by Jitsi
Publisher's description - “Jitsi is Open Source / Free Software, and is available under the terms of the LGPL. Jitsi (formerly SIP Communicator) is an audio/video and chat communicator that supports protocols such as SIP, XMPP/Jabber, AIM/ICQ, Windows Live, Yahoo! and many other useful features.”
4% remove it
LOGO! Soft Comfort v7  by Siemens
About 3% of users remove it
solidThinking 2015 4945  by solidThinking, Inc.
www.solidthinking.com
About 5% of users remove it
solidThinking 2015 4947  by solidThinking, Inc.
About 7% of users remove it
Strange Eons 3744  by Christopher G. Jennings
cgjennings.ca
About 9% of users remove it
ThinkingCommunicator  by BlueJimp
27% remove it
VMware vSphere Host Client  by VMware, Inc.
www.vmware.com
9% remove it
 
Powered by Should I Remove It?

The file javaw.exe has been seen being distributed by the following URL.

http://s6720.chomikuj.pl/File.aspx?e=aEUc8XpZCGhQcRyafNYbD50nW5-a6vpXnKKd6bLlCKBZv2-g1KYpwu20BXi5n8hpcN4WRIYuw_UjKj-BSYBaz0avm4NR7M9L6Of4SOgxoiiO3V_GM4W54zKxP3CzttxjprnLPyeLutsjPipcvt3xoQ&pv=2

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.