SHA256: 04d0e6204c7d2cfebbf1f57a7badf09117141e296ac459fb57ddf354fea95844
File name: java
Detection ratio: 51 / 69
Analysis date: 2018-08-10 11:33:35 UTC ( 4 months, 1 week ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Razy.233947 20180810
AhnLab-V3 Trojan/Win32.Agent.R136046 20180810
ALYac Gen:Variant.Razy.233947 20180810
Antiy-AVL Trojan/Win32.AGeneric 20180810
Arcabit Trojan.Razy.D391DB 20180810
Avast Win32:Heim 20180810
AVG Win32:Heim 20180810
Avira (no cloud) HEUR/AGEN.1017400 20180810
AVware Trojan.Win32.Generic!BT 20180810
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9999 20180810
BitDefender Gen:Variant.Razy.233947 20180810
CAT-QuickHeal Trojan.Skeeyah.S2163200 20180810
ClamAV Win.Trojan.Agent-1261076 20180810
Comodo TrojWare.Win32.Dofoil.AC 20180810
CrowdStrike Falcon (ML) malicious_confidence_100% (D) 20180723
Cybereason malicious.3406e0 20180225
Cylance Unsafe 20180810
Cyren W32/S-b033f054!Eldorado 20180810
DrWeb Trojan.PWS.Tinba.622 20180810
Emsisoft Gen:Variant.Razy.233947 (B) 20180810
Endgame malicious (high confidence) 20180730
ESET-NOD32 a variant of Win32/Kryptik.CZFV 20180810
F-Prot W32/S-b033f054!Eldorado 20180810
F-Secure Gen:Variant.Razy.233947 20180810
Fortinet W32/Kryptik.CZFV!tr 20180810
GData Gen:Variant.Razy.233947 20180810
Ikarus Trojan.Win32.Crypt 20180810
Sophos ML heuristic 20180717
K7AntiVirus Trojan ( 004b9f111 ) 20180810
K7GW Trojan ( 004b9f111 ) 20180810
Kaspersky HEUR:Trojan.Win32.Generic 20180810
Malwarebytes Trojan.FakeJava.ED 20180810
MAX malware (ai score=89) 20180810
McAfee GenericRXEO-DY!A43D5043406E 20180810
McAfee-GW-Edition BehavesLike.Win32.Packed.nm 20180810
Microsoft TrojanDownloader:Win32/Dofoil.AC 20180810
NANO-Antivirus Trojan.Win32.Tinba.eyebsm 20180810
Panda Trj/Genetic.gen 20180810
Qihoo-360 HEUR/QVM20.1.172F.Malware.Gen 20180810
Rising Backdoor.Hupigon!8.B57 (RDM+:cmRtazqcB5/1ViC+c3j0hBVfusp3) 20180810
SentinelOne (Static ML) static engine - malicious 20180701
Sophos AV Mal/Tinba-AD 20180810
SUPERAntiSpyware Trojan.Agent/Gen-Kryptik 20180810
Symantec ML.Attribute.HighConfidence 20180810
TheHacker Trojan/Kryptik.czfv 20180807
VBA32 TrojanPSW.Tinba 20180808
VIPRE Trojan.Win32.Generic!BT 20180810
Webroot W32.Trojan.Gen 20180810
Yandex Trojan.Agent!9NxOKZTL438 20180810
Zillya Trojan.Kryptik.Win32.1363524 20180809
ZoneAlarm by Check Point HEUR:Trojan.Win32.Generic 20180810
AegisLab 20180810
Alibaba 20180713
Avast-Mobile 20180810
Babable 20180725
Bkav 20180810
CMC 20180810
eGambit 20180810
Jiangmin 20180810
Kingsoft 20180810
eScan 20180810
Palo Alto Networks (Known Signatures) 20180810
Symantec Mobile Insight 20180809
TACHYON 20180810
Tencent 20180810
TotalDefense 20180810
TrendMicro 20180810
TrendMicro-HouseCall 20180810
Trustlook 20180810
ViRobot 20180810
Zoner 20180810
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows command line subsystem.
FileVersionInfo properties
Copyright Copyright © 2012
Product Java(TM) Platform SE 6 U31
Original name java.exe
Internal name java
File version 6.0.310.5
Description Java(TM) Platform SE binary
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-07-25 07:31:06
Entry Point 0x00005C60
Number of sections 6
PE sections
PE imports
GetDeviceCaps
GetPrivateProfileSectionNamesA
IsProcessorFeaturePresent
DosDateTimeToFileTime
GetShortPathNameW
UpdateResourceW
FreeLibrary
GetNumberOfConsoleInputEvents
DebugBreak
GetVolumePathNameA
MoveFileWithProgressA
GetFileAttributesW
CreatePipe
GetDateFormatA
OpenFileMappingW
CancelDeviceWakeupRequest
SetCommMask
HeapSize
BackupRead
AddAtomW
GetTempFileNameW
SuspendThread
GlobalAddAtomW
WritePrivateProfileStructA
WriteFile
SetConsoleTitleA
MulDiv
FreeConsole
lstrcpynA
UnlockFileEx
GetExitCodeProcess
QueryDosDeviceA
EnumLanguageGroupLocalesW
SetComputerNameExA
CreateEventA
GetLongPathNameA
LocalHandle
GetProfileIntA
EnumDateFormatsA
SetLocaleInfoW
GetCurrencyFormatW
EnumUILanguagesW
mciGetDeviceIDFromElementIDW
mixerGetLineControlsW
waveOutReset
auxGetVolume
mmioWrite
GetDriverModuleHandle
waveOutGetDevCapsA
mmioDescend
timeSetEvent
midiOutSetVolume
mciSendStringA
waveInGetErrorTextA
mixerGetLineInfoA
midiConnect
waveOutOpen
joyGetDevCapsW
mciGetCreatorTask
midiStreamOut
joyGetPosEx
midiInGetDevCapsW
midiInClose
mmioGetInfo
joySetThreshold
mmioOpenA
DrvGetModuleHandle
mmioSetBuffer
midiOutClose
waveOutGetErrorTextW
midiOutPrepareHeader
mmioRead
mixerSetControlDetails
waveInGetPosition
midiInMessage
DefDriverProc
InstallColorProfileA
GetCountColorProfileElements
GetPS2ColorRenderingIntent
CreateMultiProfileTransform
ConvertIndexToColorName
DisassociateColorProfileFromDeviceW
GetStandardColorSpaceProfileW
UninstallColorProfileW
CreateProfileFromLogColorSpaceW
GetColorProfileFromHandle
UninstallColorProfileA
SetColorProfileHeader
GetStandardColorSpaceProfileA
RegisterCMMW
AssociateColorProfileWithDeviceA
CheckColors
TranslateBitmapBits
GetColorProfileElement
SetColorProfileElementReference
CreateColorTransformA
GetColorProfileElementTag
DeleteColorTransform
EnumColorProfilesW
SetStandardColorSpaceProfileW
CreateColorTransformW
_ultoa
srand
_wcslwr
isdigit
_wspawnl
_wspawnvpe
_isctype
strtok
_abnormal_termination
_fcvt
fputs
isalpha
memcmp
fputwc
tolower
iswctype
wcsncpy
tmpnam
_wcsrev
_wcreat
_strupr
isgraph
iswupper
_rotl
_swab
memmove
iswprint
_wgetenv
bsearch
_strnicmp
_wexecve
_fputchar
_flsbuf
CoInitialize
HGLOBAL_UserSize
OleCreateFromData
ReleaseStgMedium
PropStgNameToFmtId
CoDisconnectObject
CreateAntiMoniker
HWND_UserMarshal
CoSetProxyBlanket
Number of PE resources by type
RT_ICON 12
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 14
PE resources
ExifTool file metadata
FileDescription Java(TM) Platform SE binary
LinkerVersion 8.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 6.0.310.5
UninitializedDataSize 0
LanguageCode Neutral
FileFlagsMask 0x003f
FullVersion 1.6.0_31-b05
ImageFileCharacteristics No relocs, Executable, 32-bit
CharacterSet Unicode
InitializedDataSize 40960
EntryPoint 0x5c60
OriginalFileName java.exe
MIMEType application/octet-stream
LegalCopyright Copyright 2012
FileVersion 6.0.310.5
TimeStamp 2014:07:25 08:31:06+01:00
FileType Win32 EXE
PEType PE32
InternalName java
ProductVersion 6.0.310.5
SubsystemVersion 4.0
OSVersion 4.0
FileOS Win32
Subsystem Windows command line
MachineType Intel 386 or later, and compatibles
CompanyName Sun Microsystems, Inc.
CodeSize 24576
ProductName Java(TM) Platform SE 6 U31
ProductVersionNumber 6.0.310.5
FileTypeExtension exe
ObjectFileType Executable application
File identification
MD5 a43d5043406e059d3237bc87154c67c5
SHA1 2805d9588a017c3439f4fb34d1dc540ba9f1796f
SHA256 04d0e6204c7d2cfebbf1f57a7badf09117141e296ac459fb57ddf354fea95844
ssdeep 1536:9E9QCVQ8B9/ui73aOtH0nrFgUhRwqjhurmKFct:fCVX/uMKacdhTjAqGct
authentihash d1f6a3ca1b88e126709015a16407bf1863c39a8c3ab4ae442b47695435b2cf18
imphash f4222249773f0aee2e4d0364101f5b01
File size 96.0 KB ( 98304 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (console) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (38.4%)
Win32 Executable (generic) (26.3%)
OS/2 Executable (generic) (11.8%)
Generic Win/DOS Executable (11.6%)
DOS Executable Generic (11.6%)
Tags peexe
VirusTotal metadata
First submission 2018-08-10 11:33:35 UTC ( 4 months, 1 week ago )
Last submission 2018-08-10 11:33:35 UTC ( 4 months, 1 week ago )
File names java.exe
java
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Created processes
Code injections in the following processes
Opened mutexes
Searched windows
Runtime DLLs
HTTP requests
DNS requests
TCP connections