setupjvm.exe

MD5:
ba0e274781fc539e3bed43519d684e09

SHA-1:
00a36440bdb7b867343b8097bbb4293f599e27ca

SHA-256:
fd60df4c4ff57fa9acfb82565a08521208d756f68d980f1a5a2f22bcf1adce9b

Scanner detections:
4 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/25/2024 7:40:00 PM UTC

Scan engine | Detection | Engine version
AVG | Win32/DH{gRKBEy4gEwMkIiWBD1dO} | 2016.0.2998
IKARUS anti.virus | Win32.SuspectCrc | t3scan.1.9.5.0
McAfee | Artemis!BA0E274781FC | 5600.6618
Rising Antivirus | PE:Malware.RDM.24!5.1E[F1] | 23.00.65.151007

File size:
515.5 KB (527,872 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\setupjvm.exe

File PE Metadata
Compilation timestamp:
10/15/2014 7:51:17 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
12288:KyomdPwrZAyaD7R//wAEcL1F87J7qll9nFb:KVs2Aya3acbI8Z

Entry address:
0xC0A0

Entry point:
8B, FF, 55, 8B, EC, E8, 46, F4, 00, 00, E8, 11, 00, 00, 00, 5D, C3, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 6A, FE, 68, A8, 6D, 43, 00, 68, 70, 14, 41, 00, 64, A1, 00, 00, 00, 00, 50, 83, C4, 98, 53, 56, 57, A1, 50, 91, 43, 00, 31, 45, F8, 33, C5, 50, 8D, 45, F0, 64, A3, 00, 00, 00, 00, 89, 65, E8, C7, 45, 90, 00, 00, 00, 00, 8D, 45, A0, 50, FF, 15, 54, C1, 42, 00, 83, 3D, AC, C0, 43, 00, 00, 75, 0E, 6A, 00, 6A, 00, 6A, 01, 6A, 00, FF, 15, 50, C1, 42, 00, E8, 8E, 01...

Entropy:
6.9808

Code size:
169 KB (173,056 bytes)

The file setupjvm.exe has been seen being distributed by the following 2 URLs.

http://localhost:37848/continue?TiCredToken=30621&Source=WTP&URL=http://cyc51.cycgame.com/~cyc/cycgame/.../SetupJvm.exe&Permanent=1
