java_update.exe

Web Application

Geryon Ads S.L.

The installer uses the InstallCore download manager, which may bundle additional offers for various ad-supported toolbars, extensions and utilities. The application java_update.exe, “Web Application Setup” by Geryon Ads S.L., has been detected as adware by 8 anti-malware scanners. The program is a setup application built on the InstallCore engine. The installer is marketed through download portals and search ads as the free Oracle Java Runtime but will also install additional software offers, which include adware, PUPs and browser toolbars.
Publisher:
Generic (signed by Geryon Ads S.L.)

Product:
Web Application

Description:
Web Application Setup

Version:
4.2.5.8

MD5:
c5cb45943ad37b0ad6b184d243ca17f4

SHA-1:
99804366ca76db4d1e9c3a707d528526c1f54f4f

SHA-256:
48e7918a4146b037b04822312dcb0d9ba70db59c7abdd1fb2f4e105f95a0dc23

Scanner detections:
8 / 68

Status:
Adware

Explanation:
Uses the InstallCore download manager to install additional potentially unwanted software which may include extensions such as DealPly and various toolbars.

Description:
This 'download manager' is also considered bundleware: a utility designed to download software (possibly legitimate or open source) and bundle it with a number of optional offers, including ad-supported utilities, toolbars, shopping comparison tools and browser extensions.

Analysis date:
11/1/2024 5:34:33 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| AVG | Generic | 2016.0.3089 |
| Baidu Antivirus | Adware.Win32.InstallCore | 4.0.3.1564 |
| Bkav FE | W32.HfsAdware | 1.3.0.6379 |
| Dr.Web | Trojan.InstallCore.151 | 9.0.1.0155 |
| ESET NOD32 | Win32/InstallCore.ZM potentially unwanted (variant) | 9.11730 |
| K7 AntiVirus | Unwanted-Program | 13.204.16131 |
| Reason Heuristics | PUP.Installer.GeryonAds | 15.6.4.9 |
| VIPRE Antivirus | InstallCore | 40808 |

File size:
687.6 KB (704,064 bytes)

Product version:
5.6.8

Copyright:
Program

File type:
Executable application (Win32 EXE)

Bundler/Installer:
installCore (using Inno Setup)

Language:
Language Neutral

Digital Signature
Signed by:

Authority:
Thawte, Inc.

Valid from:
6/16/2014 3:00:00 AM

Valid to:
6/17/2015 2:59:59 AM

Subject:
CN=Geryon Ads S.L., OU=IT, O=Geryon Ads S.L., L=Barcelona, S=Barcelona, C=ES

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
71F910550D2DD2713679787B12FF2EA0

File PE Metadata
Compilation timestamp:
6/20/1992 1:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:WHeGF+JxTmQV22wo+SAjhpTR4Vrm4a180DqrRU8Owoj9l7:WHeS+/TxJejhpTR4k17uU8O97

Entry address:
0xA5F8

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, CE, 8A, FF, FF, E8, D5, 9C, FF, FF, E8, 64, 9F, FF, FF, E8, 07, A0, FF, FF, E8, A6, BF, FF, FF, E8, 11, E9, FF, FF, E8, 78, EA, FF, FF, 33, C0, 55, 68, C9, AC, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 92, AC, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 26, F5, FF, FF, E8, 11, F1, FF, FF, 80, 3D, 34, B2, 40, 00, 00, 74, 0C, E8, 23, F6, FF, FF, 33, C0, E8, C4, 97, FF, FF, 8D, 55, F0, 33, C0, E8, B6, C5, FF, FF, 8B, 55...
 

Entropy:
7.8910

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
39.5 KB (40,448 bytes)

The file java_update.exe has been seen being distributed by the following 20 URLs.

