home

38900-674427-java-runtime-environment-jre.exe

The application 38900-674427-java-runtime-environment-jre.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This is a setup program which is used to install the application. The file has been seen being downloaded from 9-lab.com.
MD5:
9f6e6974ae34ace6d9f0a912f04742df

SHA-1:
4494e6b63667f79be3ab697384f2a221851d9668

SHA-256:
c28ce07b9e6207db3880f0812704a4279a9fe703f14c5a72c58a071313a47a98

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
11/27/2024 4:54:58 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Bundler (M)
16.3.8.22

File size:
181 Bytes

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\downloads\38900-674427-java-runtime-environment-jre.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
3:qVoB3tUROnEBnQzvvXboAc9FKEIHiHby4AqWYBnQ3klIVLLPjTnRZ/eIwcWWGu:q43tIYEBnoXiWHiHuwWYBnzlI5LPjTrb

Entry point:
3C, 68, 74, 6D, 6C, 3E, 0D, 0A, 3C, 68, 65, 61, 64, 3E, 3C, 74, 69, 74, 6C, 65, 3E, 34, 30, 30, 20, 42, 61, 64, 20, 52, 65, 71, 75, 65, 73, 74, 3C, 2F, 74, 69, 74, 6C, 65, 3E, 3C, 2F, 68, 65, 61, 64, 3E, 0D, 0A, 3C, 62, 6F, 64, 79, 20, 62, 67, 63, 6F, 6C, 6F, 72, 3D, 22, 77, 68, 69, 74, 65, 22, 3E, 0D, 0A, 3C, 63, 65, 6E, 74, 65, 72, 3E, 3C, 68, 31, 3E, 34, 30, 30, 20, 42, 61, 64, 20, 52, 65, 71, 75, 65, 73, 74, 3C, 2F, 68, 31, 3E, 3C, 2F, 63, 65, 6E, 74, 65, 72, 3E, 0D, 0A, 3C, 68, 72, 3E, 3C, 63, 65, 6E...
 
[+]

The file 38900-674427-java-runtime-environment-jre.exe has been seen being distributed by the following URL.

http://9-lab.com/.../rmtool-setup-x64.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.