Manalyze report for 41a0869c7f66610995d939d4173c2ee4

This file seems to be a .NET executable.
Sadly, Manalyzer's analysis techniques were designed for native code, so it's likely that this report won't tell you much.
Sorry!

Summary

Architecture	`IMAGE_FILE_MACHINE_I386`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
Compilation Date	2024-Jun-11 08:06:04
Detected languages	English - United States
CompanyName	Oracle Corporation
FileDescription	Java Platform SE binary
FileVersion	`8.0.4110.9`
Full Version	1.8.0_411-b09
InternalName	Setup Launcher
LegalCopyright	Copyright © 2024
OriginalFilename	wrapper_jre_offline.exe
ProductName	Java Platform SE 8 U411
ProductVersion	`8.0.4110.9`

Plugin Output

Info	Matching compiler(s):	`Microsoft Visual C# v7.0 / Basic .NET`
Info	Cryptographic algorithms detected in the binary:	`Uses constants related to SHA1`
Suspicious		`Unusual section name found: .sdata`
Malicious	The program tries to mislead users about its origins.	`The PE pretends to be from Oracle but is not signed!`
Suspicious	No VirusTotal score.	`This file has never been scanned on VirusTotal.`

Hashes

MD5	`41a0869c7f66610995d939d4173c2ee4`
SHA1	`1977fb6d25be844b25cee5b79a6283c129119519`
SHA256	`9a2a6e29f171357e85f8e28ce5324c2dd2603265bfb5e91faa3164028d1b6846`
SHA3	`e4c13f7085b2afda8db9d5aae290415c77bcc16994a73658aa36e0dc80f6d50d`
SSDeep	`6144:ykiaui+L99PmvirP2wqdccEeEfT6f39n30NznWQXgIv:yrlrPmKGLn3ezz3v`
Imports Hash	`f34d5f2d4577ed6d9ceec516c1f5a744`

DOS Header

e_magic	`MZ`
e_cblp	`0x90`
e_cp	`0x3`
e_crlc	`0`
e_cparhdr	`0x4`
e_minalloc	`0`
e_maxalloc	`0xffff`
e_ss	`0`
e_sp	`0xb8`
e_csum	`0`
e_ip	`0`
e_cs	`0`
e_ovno	`0`
e_oemid	`0`
e_oeminfo	`0`
e_lfanew	`0x80`

PE Header

Signature	`PE`
Machine	`IMAGE_FILE_MACHINE_I386`
NumberofSections	`4`
TimeDateStamp	2024-Jun-11 08:06:04
PointerToSymbolTable	`0`
NumberOfSymbols	`0`
SizeOfOptionalHeader	`0xe0`
Characteristics	`IMAGE_FILE_32BIT_MACHINE` `IMAGE_FILE_EXECUTABLE_IMAGE` `IMAGE_FILE_LINE_NUMS_STRIPPED` `IMAGE_FILE_LOCAL_SYMS_STRIPPED`

Image Optional Header

Magic	`PE32`
LinkerVersion	`6.0`
SizeOfCode	`0x4e800`
SizeOfInitializedData	`0x8400`
SizeOfUninitializedData	`0`
AddressOfEntryPoint	`0x000506AE (Section: .text)`
BaseOfCode	`0x2000`
BaseOfData	`0x52000`
ImageBase	`0x400000`
SectionAlignment	`0x2000`
FileAlignment	`0x200`
OperatingSystemVersion	`4.0`
ImageVersion	`0.0`
SubsystemVersion	`4.0`
Win32VersionValue	`0`
SizeOfImage	`0x5e000`
SizeOfHeaders	`0x400`
Checksum	`0`
Subsystem	`IMAGE_SUBSYSTEM_WINDOWS_GUI`
SizeofStackReserve	`0x100000`
SizeofStackCommit	`0x1000`
SizeofHeapReserve	`0x100000`
SizeofHeapCommit	`0x1000`
LoaderFlags	`0`
NumberOfRvaAndSizes	`14`

.text

MD5	`c2d42756811e540df22b1fe1e585ffd2`
SHA1	`35b99af68eabfb8a6b822d8c56cbf34971e6c9e0`
SHA256	`3b683938c34fa43b0fca746e17a26f6473eef198de3ae36639063d5b7329b1e9`
SHA3	`b4c87a45ce249676848cd31379593fd72aac2b4fe8ea9d12a12e0553ea2c56a1`
VirtualSize	`0x4e6b4`
VirtualAddress	`0x2000`
SizeOfRawData	`0x4e800`
PointerToRawData	`0x400`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_CODE` `IMAGE_SCN_MEM_EXECUTE` `IMAGE_SCN_MEM_READ`
Entropy	`7.69034`

.sdata

MD5	`bcc030362e7b5b57bf54c60a07b4fd52`
SHA1	`42d4959c777a42248ccbc99d6b776da89f81a670`
SHA256	`f4b1ac6754bba6a74208ccb6befaccd8d1595f9a3d47791eaa5779b189500f1e`
SHA3	`43a91b2957fe37702e8750baac05e00f7ae1bb42295c9887a71797ab7b38170a`
VirtualSize	`0xb1`
VirtualAddress	`0x52000`
SizeOfRawData	`0x200`
PointerToRawData	`0x4ec00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ` `IMAGE_SCN_MEM_WRITE`
Entropy	`2.19586`

.rsrc

MD5	`5e0752319cad7c0da1631330f493fd2a`
SHA1	`af973347322f3c59a778da428976b944e9803347`
SHA256	`43c5824c6122b7b4cabd2ac27f5c08a5c5f0b505504123930e8ea0ae195f6a26`
SHA3	`a960337328560372fab2967f33e0f08a3c4d442ef2c490b0aed4fbedd4f0507d`
VirtualSize	`0x7e74`
VirtualAddress	`0x54000`
SizeOfRawData	`0x8000`
PointerToRawData	`0x4ee00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_READ`
Entropy	`5.87951`

.reloc

MD5	`e949b10d18c7260fbbce1f36df70612b`
SHA1	`104fe8117373a085ed795bffff0f3be34c8a6c05`
SHA256	`ba26eea9524145237184da1e5d2c0b78d3fa90eae932783954561c047cf2ebd4`
SHA3	`483bd116be765e828e533ba8bdd7449550dc9a379ce4dcfd32b610ab879632de`
VirtualSize	`0xc`
VirtualAddress	`0x5c000`
SizeOfRawData	`0x200`
PointerToRawData	`0x56e00`
PointerToRelocations	`0`
PointerToLineNumbers	`0`
NumberOfLineNumbers	`0`
NumberOfRelocations	`0`
Characteristics	`IMAGE_SCN_CNT_INITIALIZED_DATA` `IMAGE_SCN_MEM_DISCARDABLE` `IMAGE_SCN_MEM_READ`
Entropy	`0.0815394`

Imports

mscoree.dll	`_CorExeMain`

Delayed Imports

2

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x668`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.59438`
MD5	`9d0f6f07a2248bdcec199bffa13dfba5`
SHA1	`e8fb851d2faf332c161450ed1d33357ca571aef4`
SHA256	`afb87caf3186370a597d066b19f0f74e4acfaf0a8e5e5f569e2da75def3ffc43`
SHA3	`8e4e882c7e4e136a0d0d9645aaaf10e88266dbe9a14893c9bc3b726dbd3945a1`

3

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x2e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.96826`
MD5	`787bac8701161530d75505d17919de19`
SHA1	`3d17733c52f7c7719b92b0d254e9c3331c6dd491`
SHA256	`1ff1edfe7779b95b24553fe1eeac40f72ce79a0bb2cbc8b711b7bf8265d5ee47`
SHA3	`c4c198821abba7f78e8c06b073f759c2c02a1b6b09666255ac63a154f9250678`

4

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x1e8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.90069`
MD5	`ebb5d7184cbe7f1f5a8f50152a49e433`
SHA1	`fb406caeb359cf8d7e5549c54c7f3291047b4db5`
SHA256	`f26171f3baeb9ccf71e80b12f92838a487f434119d12190cc1c8c4efbf0906f0`
SHA3	`fd0a11db1a75257cc7e710d1f84bd869d55d78a2868bc10497d0841e00afcdef`

5

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x128`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.0155`
MD5	`42576bbff51607bfb66bf0dd9d0824cc`
SHA1	`e01dfea8b91b3ef79b8b821cd72bf8e3ead72205`
SHA256	`46ae400026b2c61a308e02b36c84e994328786a23a51059a72fc0ee038ebac3e`
SHA3	`e308c9ff1a606d1d8e566f8071963892e5e7d80bfbe8525f6f5c5b10f413716c`

6

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xea8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.58618`
MD5	`6c3dc3215886ff31c733e2dda5317aed`
SHA1	`ea2f42acd8e27b860381d07530d6f344d2e48098`
SHA256	`467e07c1e3bcf890c4a61c9e1a675aab9dff875fc3b95648fe0cb6b5c76c0c11`
SHA3	`d004fc938e510b56d402dc33265de8f2a91083769c1b50556cd870159d5c37ed`

7

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x8a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.53853`
MD5	`f866af729c0cc8df99c41a1df739cb27`
SHA1	`d931ef7fd85d25450eff147e9dee8d67f995cdaa`
SHA256	`37922e311d3ba1cc04eda58d19f0fb513ba48b50841791aa0e2b4f4241591e06`
SHA3	`9544b9f866a62aa92eca3681a11eb6b319a4998a004174c55fcd56a227179197`

8

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x6c8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.94465`
MD5	`e643fbe9999fa09c51723b2ddc1e8b51`
SHA1	`3ddc56b1c637133713acc49ad654a15e0415fa18`
SHA256	`fceb63fb5ea6edbe9a8f50e449e5041a9c8622c7b4a0a0d2bd332fa4298138ef`
SHA3	`4092f0cfc6063442d2d312c319f85acceba98dbe87316441a8f2c41e46db7eef`

9

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x568`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`2.81361`
MD5	`7f494966cd46d73e2b93db070ec1a9ea`
SHA1	`bff69b9bc6f060560adffbf5cee013cfa65b8364`
SHA256	`18830062c5276e87697169f9f359efb15aeb41e8a0ecc79a3c320845f64ca21f`
SHA3	`bce7726fe14d346a37dd7188010630defaad92d91d46745f298a33e1def2aad2`

10

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x25a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.4261`
MD5	`054155198e2281c474861faf4cd3fc4f`
SHA1	`cc0c13027be349167f7bb8bd06e3000f6b905d4b`
SHA256	`752046db2d5ba9b48214cfdc907886277a63ca3638eb1d38a00f207878da0a7d`
SHA3	`9331f3cb9304e4f3de3d8ab87c5277549f7d1772fba31a7a1fe41933aa1d3056`

11

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x10a8`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.68846`
MD5	`a98752f0522554542224c17050b6cd45`
SHA1	`3844d164edc6c530ff4eb0f145b31b7618bec790`
SHA256	`f39679918b57ed83da31c7cb81d5ace2b1409700628cb3ece4224c3f143c29fb`
SHA3	`1b17a3c0a7c3e9d62fcafd66190c4ab56089f75a55adeaf8add4b8a79e3d81bb`

12

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x988`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.58248`
MD5	`7ffbccd219ca36487afed0150da8fc56`
SHA1	`ec1d1e0fae577ef0267d2614c3ff691a69be2795`
SHA256	`b72e0c24aaa3ead9220fd1b21e60c2adfe048c83c7bce3e98cb2207615777c30`
SHA3	`927b1c68751045785448b5fd2c65adb697edb1cb472fc00eaac2fdfea6fa71e6`

13

Type	`RT_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x468`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.58485`
MD5	`7439f9bc2bac19fcbfd94aca0424f3d7`
SHA1	`41b5144e3fc3367e2cce5830b8127d7d55f2e3b0`
SHA256	`4e7aa9843e2f6b206a9b0fbc7e0edcd910b2cbdb0d103644c8fce426bb90415f`
SHA3	`4c3314a23445b81a621de4ca4e13d19a2fc179c63360d0f65dd98db1df07f52a`

32512

Type	`RT_GROUP_ICON`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0xae`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.09593`
Detected Filetype	Icon file
MD5	`7984ecf9332a7252c6f241b890fbc739`
SHA1	`b7046ec45ccd2c22ddb15bca2f71fd4537c2c3c4`
SHA256	`3b5f7fcb0cb753a11c522bf9cd288746536d77a9f5a25995d86ea12384d3d694`
SHA3	`047b25d667d7b90501ee48c54ea5e2f586a23a9e42645d61b792805d25882fb8`

1

Type	`RT_VERSION`
Language	English - United States
Codepage	UNKNOWN
Size	`0x35c`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`3.46396`
MD5	`cb654455467cf3aa5262b3ce7f2b9df8`
SHA1	`6b3d4a5b97d849670ee387d24b00181997a99e6e`
SHA256	`926609c62f1c73a4fb579e3ad42a80a95a85bb1b2d9e814e4f648c123c187d20`
SHA3	`702e4ab83b42a86e0d199378ad7c1944906cad6efa8d9126f44197fdf1a8bea5`

1 (#2)

Type	`RT_MANIFEST`
Language	UNKNOWN
Codepage	UNKNOWN
Size	`0x308`
TimeDateStamp	1980-Jan-01 00:00:00
Entropy	`5.02315`
MD5	`2af3dde5a6f5ba699206d3a8144c9213`
SHA1	`64e5f4df05d2ba4d9494ac337f9ec176552d2d6b`
SHA256	`91f403eaf2436f3d2348a6d2cdb17bd8bfab4cf1a90f42b03fd861383c77b2c3`
SHA3	`4cee4942c6c49101fb923f6650f6b7e4b21e5755454d111b8f1bc7185e6a2b5f`

Version Info

Signature	`0xfeef04bd`
StructVersion	`0x10000`
FileVersion	8.0.4110.9
ProductVersion	8.0.4110.9
FileFlags	`(EMPTY)`
FileOs	`VOS_DOS_WINDOWS32` `VOS_NT` `VOS_NT_WINDOWS32` `VOS_WINCE` `VOS__WINDOWS32`
FileType	`VFT_APP`
Language	English - United States
CompanyName	Oracle Corporation
FileDescription	Java Platform SE binary
FileVersion (#2)	8.0.4110.9
Full Version	1.8.0_411-b09
InternalName	Setup Launcher
LegalCopyright	Copyright © 2024
OriginalFilename	wrapper_jre_offline.exe
ProductName	Java Platform SE 8 U411
ProductVersion (#2)	8.0.4110.9

Resource LangID	English - United States

UNKNOWN

Characteristics	`0`
TimeDateStamp	1970-Jan-01 00:00:00
Version	`0.2`
SizeofData	`3995205632`
AddressOfRawData	`0xea220004`
PointerToRawData	`0x53520004`

TLS Callbacks

Load Configuration

RICH Header

41a0869c7f66610995d939d4173c2ee4

Summary

Plugin Output

Hashes

DOS Header

PE Header

Image Optional Header

.text

.sdata

.rsrc

.reloc

Imports

Delayed Imports

2

3

4

5

6

7

8

9

10

11

12

13

32512

1

1 (#2)

Version Info

UNKNOWN

TLS Callbacks

Load Configuration

RICH Header

Errors