setup_plugin_java.exe

WindowsApplication1

The executable setup_plugin_java.exe has been detected as malware by 27 anti-virus scanners. This is a setup program which is used to install the application. According to AVG, this software downloads additional adware offers during setup. The file has been seen being downloaded from javaupdate.jelastic.dogado.eu.
Product:
WindowsApplication1

Version:
1.0.0.0

MD5:
af8a57a280e250622f63b1bc453a7bce

SHA-1:
c57199b6dd934e499b7af3537c7bdb7c67460cbf

SHA-256:
88b885d3e3638394829e41f65aa89d4a61f37565c4a721985ec36a601f05a3d4

Scanner detections:
27 / 68

Status:
Malware

Analysis date:
7/12/2025 10:43:53 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Trojan.GenericKD.2175827 | 267 |
| Agnitum Outpost | Trojan.DL.Small | 7.1.1 |
| Avira AntiVirus | TR/Dldr.Agent.22016.41 | 7.11.213.62 |
| avast! | Win32:Dropper-gen [Drp] | 2014.9-160512 |
| AVG | Downloader.MSIL | 2017.0.2745 |
| Baidu Antivirus | Trojan.Win32.Downloader | 4.0.3.16512 |
| Bitdefender | Trojan.GenericKD.2175827 | 1.0.20.665 |
| Emsisoft Anti-Malware | Trojan.GenericKD.2175827 | 8.16.05.12.05 |
| ESET NOD32 | MSIL/TrojanDownloader.Agent.ALL | 10.11260 |
| Fortinet FortiGate | MSIL/Agent.ALL!tr.dldr | 5/12/2016 |
| F-Secure | Trojan.GenericKD.2175827 | 11.2016-12-05_5 |
| G Data | Trojan.GenericKD.2175827 | 16.5.25 |
| IKARUS anti.virus | Trojan-Downloader.MSIL.Agent | t3scan.1.8.6.0 |
| K7 AntiVirus | Trojan-Downloader | 13.200.15139 |
| Kaspersky | Trojan-Downloader.MSIL.Small | 14.0.0.221 |
| Malwarebytes | Trojan.Downloader.IDF | v2016.05.12.05 |
| McAfee | Artemis!AF8A57A280E2 | 5600.6401 |
| Microsoft Security Essentials | TrojanDownloader:MSIL/Banload.M | 1.1.11400.0 |
| MicroWorld eScan | Trojan.GenericKD.2175827 | 17.0.0.399 |
| NANO AntiVirus | Trojan.Win32.Siggen3.dobfng | 0.30.0.296 |
| Norman | Troj_Generic.YVMLW | 11.20160512 |
| nProtect | Trojan.GenericKD.2175827 | 15.03.03.01 |
| Qihoo 360 Security | Win32/Trojan.Multi.daf | 1.0.0.1015 |
| Sophos | Mal/Generic-S | 4.98 |
| Trend Micro House Call | TROJ_GEN.R02KC0DBS15 | 7.2.133 |
| Trend Micro | TROJ_GEN.R02KC0DBS15 | 10.465.12 |
| VIPRE Antivirus | Trojan.Win32.Generic | 38072 |

File size:
21.5 KB (22,016 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2015

Original file name:
Tco03.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\setup_plugin_java.exe

File PE Metadata
Compilation timestamp:
2/18/2015 10:34:38 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
384:iRlfJQqzuNNVriOEPnFVU85BXmyWayJLk245Bza3X3u85TJrtwksw:izfaqqN5EdVU0X+NQvExy

Entry address:
0x608E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
16.5 KB (16,896 bytes)

The file setup_plugin_java.exe has been seen being distributed by the following URL.
