SHA256: 50d220d8bd1605f58aab5ea55eee656f9a02d276361f82ca95e8c01752e8233f
File name: 50d220d8bd1605f58aab5ea55eee656f9a02d276361f82ca95e8c01752e8233f
Detection ratio: 38 / 54
Analysis date: 2015-12-10 17:19:16 UTC ( 3 years, 5 months ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.2837391 20151210
Yandex Trojan.Agent!uuXb9tAn1ZM 20151209
AhnLab-V3 Trojan/Win32.Yakes 20151210
ALYac Trojan.GenericKD.2837391 20151210
Arcabit Trojan.Generic.D2B4B8F 20151210
Avast Win32:Malware-gen 20151210
AVG Pakes2_c.BRHR 20151210
Avira (no cloud) TR/Crypt.ZPACK.198556 20151210
AVware Trojan.Win32.Generic.pak!cobra 20151210
Baidu-International Trojan.Win32.Agent.RCJ 20151210
BitDefender Trojan.GenericKD.2837391 20151210
CAT-QuickHeal Trojan.Dyname.r4 20151209
Cyren W32/Application.NMOC-1253 20151210
DrWeb Trojan.DownLoader17.23698 20151210
Emsisoft Trojan.Win32.Injector (A) 20151210
ESET-NOD32 Win32/Agent.RCJ 20151210
F-Secure Trojan.GenericKD.2837391 20151210
Fortinet W32/Agent.RCJ!tr 20151210
GData Trojan.GenericKD.2837391 20151210
Ikarus Trojan.Win32.Agent 20151210
K7AntiVirus Trojan ( 004cf9df1 ) 20151210
K7GW Trojan ( 004cf9df1 ) 20151210
Kaspersky Trojan.Win32.Yakes.nbkz 20151210
Malwarebytes Backdoor.CoreBot 20151210
McAfee Generic.xb 20151210
McAfee-GW-Edition BehavesLike.Win32.Expiro.gc 20151210
Microsoft Trojan:Win32/Dynamer!ac 20151210
eScan Trojan.GenericKD.2837391 20151210
NANO-Antivirus Trojan.Win32.DownLoader17.dyjakw 20151210
nProtect Trojan.GenericKD.2837391 20151210
Panda Trj/Genetic.gen 20151210
Qihoo-360 HEUR/QVM20.1.Malware.Gen 20151210
Sophos AV Mal/Tinba-T 20151210
Symantec PUA.Downloader 20151210
TrendMicro TROJ_FORUCON.BMC 20151210
TrendMicro-HouseCall TROJ_FORUCON.BMC 20151210
VIPRE Trojan.Win32.Generic.pak!cobra 20151210
ViRobot Trojan.Win32.Z.Agent.447488.B[h] 20151210
AegisLab 20151210
Alibaba 20151208
Antiy-AVL 20151210
Bkav 20151210
ByteHero 20151210
ClamAV 20151210
CMC 20151210
Comodo 20151209
F-Prot 20151210
Jiangmin 20151209
Rising 20151210
SUPERAntiSpyware 20151210
TheHacker 20151209
VBA32 20151210
Zillya 20151208
Zoner 20151210
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright Copyright © 2012
Product Java(TM) Platform SE 7 U4
Original name java.exe
Internal name java
File version 7.0.40.20
Description Java(TM) Platform SE binary
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2015-10-30 09:05:31
Entry Point 0x00001290
Number of sections 4
PE sections
PE imports
Number of PE resources by type
RT_ICON 12
RT_MANIFEST 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 15
PE resources
ExifTool file metadata
UninitializedDataSize 0
FileDescription Java(TM) Platform SE binary
LinkerVersion 9.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 7.0.40.20
LanguageCode Neutral
FileFlagsMask 0x003f
FullVersion 1.7.0_04-b20
CharacterSet Unicode
InitializedDataSize 93696
EntryPoint 0x1290
OriginalFileName java.exe
MIMEType application/octet-stream
LegalCopyright Copyright 2012
FileVersion 7.0.40.20
TimeStamp 2015:10:30 10:05:31+01:00
FileType Win32 EXE
PEType PE32
InternalName java
ProductVersion 7.0.40.20
SubsystemVersion 5.0
OSVersion 5.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Oracle Corporation
CodeSize 353280
ProductName Java(TM) Platform SE 7 U4
ProductVersionNumber 7.0.40.20
FileTypeExtension exe
ObjectFileType Executable application
File identification
MD5 4465e8862879e36549aab3be3121d81c
SHA1 33af894760695538b27c5b9d972eaab988044dd4
SHA256 50d220d8bd1605f58aab5ea55eee656f9a02d276361f82ca95e8c01752e8233f
ssdeep 12288:rCZjjonLWRD6NMYC5oE9nKG3wcwNrJ5NbR6c:rCZnoKwSYsoE9nKG3qJ8c
authentihash 51411e21bbf5ee270c65913a01ac36e14ef52a13d8b5ba08b7b5cb7afd3a52d8
imphash 95d9ba23c7a6b4401afadec6f633005a
File size 437.0 KB ( 447488 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (35.8%)
Win64 Executable (generic) (31.7%)
Windows screen saver (15.0%)
Win32 Dynamic Link Library (generic) (7.5%)
Win32 Executable (generic) (5.1%)
Tags peexe via-tor
VirusTotal metadata
First submission 2015-10-30 10:03:16 UTC ( 3 years, 6 months ago )
Last submission 2016-03-14 23:50:32 UTC ( 3 years, 2 months ago )
File names d744eacff2fe3f.gif
18d3c4506659ebe.gif
bacdbb06f19b487.gif
41ca04d7c864028.exe
java.exe
41d07.gif
java
aa4.gif
fa740f54bc18a.gif
document.php
ebacb24.gif
45fa1224412138.gif
a3a.gif
e7c1e9f99d6.gif
50D220D8BD1605F58AAB5EA55EEE656F9A02D276361F82CA95E8C01752E8233F.exe
b811a33e.gif
c2dfbce1fce.gif
02.gif
33b1d35c19f8c1c.gif
c780ab33eb4044df.gif
feb7e23b48.gif
b2a9b31f.gif
83.gif
Advanced heuristic and reputation engines
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Code injections in the following processes
Terminated processes
Created mutexes
Opened mutexes
Runtime DLLs