home

java_runtime_enviroment_setup.exe

My Program

Information Technology Systems doo

The installer utilizes the installCore download manager which may bundle additional offers for various ad-supported toolbars, extensions and utilities. The application java_runtime_enviroment_setup.exe, “My Program Setup ” by Information Technology Systems doo has been detected as adware by 11 anti-malware scanners. The program is a setup application that uses the installCore installer. The setup program uses the InstallCore engine which may bundle additional software offers including toolbars and browser extensions. With this installer, users are expecting to download the free Oracle Java Runtime but before that occurs they may be presented with additional offers, mostly potentially unwanted software or adware.
Publisher:
Information Technology Systems doo  (signed and verified)

Product:
My Program

Description:
My Program Setup

MD5:
9d1dba9d9d79b4269047f321a1b62357

SHA-1:
5ed883990206877f12c4be879821f2ec317f8826

SHA-256:
499bcce25718e82d5a4854e3402a490a66623aabd09f1771d53a2da302a369fe

Scanner detections:
11 / 68

Status:
Adware

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Description:
This is also known as bundleware, or downloadware, which is an downloader designed to simply deliver ad-supported offers in the setup routine of an otherwise legitimate software.

Analysis date:
11/15/2024 7:16:39 PM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
ADWARE/InstallCore.Gen9
7.11.167.200

AVG
Generic
2015.0.3379

Dr.Web
Adware.Downware.6398
9.0.1.05190

ESET NOD32
Win32/InstallCore.PZ potentially unwanted application
7.0.302.0

K7 AntiVirus
Unwanted-Program
13.183.13054

Kaspersky
not-a-virus:AdWare.Win32.InstallCore
14.0.0.3390

Malwarebytes
PUP.Optional.InfoTech
v2014.08.18.01

Reason Heuristics
PUP.Installer.InformationTechnologySystemsdoo.a
14.8.18.0

Sophos
Install Core Click run software
4.98

SUPERAntiSpyware
PUP.InstallCore/Variant
10415

VIPRE Antivirus
Threat.4150696
32210

File size:
733.3 KB (750,864 bytes)

Product version:
1.5

File type:
Executable application (Win32 EXE)

Bundler/Installer:
installCore (using Inno Setup)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\java_runtime_enviroment_setup.exe

Digital Signature
Signed by:
Information Technology Systems doo

Authority:
COMODO CA Limited

Valid from:
2/17/2014 7:00:00 PM

Valid to:
2/18/2016 6:59:59 PM

Subject:
CN=Information Technology Systems doo, O=Information Technology Systems doo, STREET=Bulevar Dzordza Vasingtona 60, L=Podgorica, S=Montenegro, PostalCode=81000, C=ME

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00C5C6AC5F85C769596A73A863C86D258C

File PE Metadata
Compilation timestamp:
6/19/1992 6:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:YbeFa9UnAqpisjqQCo8cXuYltPcM2y0pPF+9DlO7xJR2hzwwGx:YiFs9qpFjtBv08jZlqzRRx

Entry address:
0x9C40

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, BF, A9, FF, FF, E8, 5E, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, 24, CE, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, 24, CE...
 
[+]

Entropy:
7.8865

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
37 KB (37,888 bytes)

Remove java_runtime_enviroment_setup.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.