Gridinsoft Logo
File Icon

The Play L2Java.exe (Updater by Ave) File Analysis

Updated 1 month ago
Checked by Malaware Check
Play L2Java.exe

Technical Analysis

File Name Play L2Java.exe
File Type
PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
Scanner Version 1.0.213.174
Database Version 2025-04-15 05:00:30 UTC

Clean File

No threats detected by our scanner

0%
Detection Rate
7,352,832
File Size (bytes)
2025-04-15
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
b5d7047d68a2eea8afcc59d1bbf75d4f
SHA1
0f3bc075a1d10bd05346b16c3f250f289291c96f
SHA256
bd3f105ee43f6537846214fef70c3698aacea3f75999f504cfaf681b923b002a
SHA512
090e1df3576c8b1d51a561cf3ef9d93ade523aa2eb8af19bf8f2d582a78606399741f770ecdf742f1bbba300d9aa9bc096ca75ca60b21458a122c523f049c7ea
ImpHash
20965cb4dd1bae60984bf94ce9300165

PE Analysis

Basic Information

Icon
Hash: 68680bdf9f3a2d00ea297ccfb7444732
Fuzzy: 0fcdc3142f73bc5d9dcf26014d073eac
dHash: 2b3373b1b3717133
Image Base 0x00400000
Entry Point 0x00402364
Compilation Time 2022-10-20 19:52:17
Checksum 0x00000000 (Actual: 0x0071312d)
OS Version 4.0
PEiD Signatures PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
Digital Signature No valid SignedData structure was found.
Imports 14 libraries
Exports 129 functions
Resources 66 Resources
Sections 9 Sections

Version Information

FileDescription Updater by Ave
FileVersion 2.1.0.3
LegalCopyright Skype: mrave20
ProgramID com.embarcadero.Updater
ProductName https://l2java.net/
ProductVersion 2.1.0.3
Translation 0x0409 0x04e4

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 4,591,616 bytes 4,589,056 bytes 6.60 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 62BB92AEC1D6859BC68BAF0BB7DF1C3A
.data 0x00462000 1,708,032 bytes 538,624 bytes 6.11 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 4F889C302EC59CA4175AB2DF56E13A58
.tls 0x00603000 4,096 bytes 512 bytes 0.05 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 1F25A0CD7DF68924795075436FC8F504
.rdata 0x00604000 4,096 bytes 512 bytes 0.21 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_SHARED|IMAGE_SCN_MEM_READ E5911AD6C1AB69D4F4A5D19D3FE78EC6
.idata 0x00605000 16,384 bytes 15,872 bytes 5.14 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 18F9E60998B5B966F541BCF10E3F4A4A
.didata 0x00609000 4,096 bytes 3,072 bytes 4.40 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 7D7D0393EFA1016253CFAC9E40BDC15C
.edata 0x0060a000 8,192 bytes 5,120 bytes 5.40 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ DFAE95D10ED9E85857626EB1ADFE6CD9
.rsrc 0x0060c000 1,880,632 bytes 1,881,088 bytes 7.72 (Packed/Encrypted) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 6971764BEF1F47CBE21516A24AFB4736
.reloc 0x007d8000 319,488 bytes 317,440 bytes 6.73 (Compressed) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_SHARED|IMAGE_SCN_MEM_READ C0E3EE35F52F675636EE5BD555848E6D
Entropy Analysis Alert

1 section(s) with high entropy (≥7.5) detected - possible packing/encryption

2 section(s) with elevated entropy (≥6.5) - possible compression

Resource Analysis

Total Resources: 66 (1,877,073 bytes)
Resource Type Count Total Size Percentage
RT_CURSOR 7 2,156 bytes
0.1%
RT_ICON 4 285,408 bytes
15.2%
RT_STRING 36 32,364 bytes
1.7%
RT_RCDATA 9 1,555,117 bytes
82.8%
RT_GROUP_CURSOR 7 140 bytes
0%
RT_GROUP_ICON 1 62 bytes
0%
RT_VERSION 1 608 bytes
0%
RT_MANIFEST 1 1,218 bytes
0.1%

Certificate Chain Analysis

Certificate Information
Product https://l2java.net/
Description Updater by Ave
File Version 2.1.0.3
Copyright Skype: mrave20
Certificate Chain Summary
VeriSign Time Stamping Services CA #1 Primary
Validity Period: 2003-12-04 00:00:00 → 2013-12-03 23:59:59
Signature Algorithm: sha1RSA
Serial Number: 47 BF 19 95 DF 8D 52 46 43 F7 DB 6D 48 0D 31 A4
VeriSign Time Stamping Services Signer #2 Chain
Validity Period: 2003-12-04 00:00:00 → 2008-12-03 23:59:59
Signature Algorithm: sha1RSA
Serial Number: 0D E9 2B F0 D4 D8 29 88 18 32 05 09 5E 9A 76 88
Microsoft Root Authority #3 Chain
Validity Period: 1997-01-10 07:00:00 → 2020-12-31 07:00:00
Signature Algorithm: md5RSA
Serial Number: C1 00 8B 3C 3C 88 11 D1 3E F6 63 EC DF 40
Microsoft Code Signing PCA #4 Chain
Validity Period: 2000-12-10 08:00:00 → 2005-11-12 08:00:00
Signature Algorithm: md5RSA
Serial Number: 6A 0B 99 4F C0 00 DE AA 11 D4 D8 40 9A A8 BE E6
Microsoft Corporation #5 Chain
Validity Period: 2003-10-25 05:59:14 → 2005-01-25 06:09:14
Signature Algorithm: sha1RSA
Serial Number: 61 0E 7D A7 00 00 00 00 00 48

✓ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

No valid SignedData structure was found.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
This file passed all security checks, but stay vigilant. New malware variants appear daily that can evade detection. Always verify files come from official sources and check digital signatures when available.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Anti-Malware Download Now
Gridinsoft Anti-Malware