home

8fpujkmmgvvf.exe

Canon IJ Scan Utility

PKK OOO

The executable 8fpujkmmgvvf.exe has been detected as malware by 1 anti-virus scanner.
Publisher:
CANON INC.  (signed by PKK OOO)

Product:
Canon IJ Scan Utility

Version:
1.1.10.8968

MD5:
9ac848902a3ec7568b9346c9eb2d1aa8

SHA-1:
f2e30b6eb2f66d5a3058a1e89d44f4a4e03d8b61

SHA-256:
84cf5bd03f582d4f5077b849954a0a05b7b9a6cf2ee2e415cc8f4ffac95628c7

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
12/26/2024 8:22:58 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
17.2.26.11

File size:
591.4 KB (605,624 bytes)

Product version:
1.1.10.8968

Copyright:
Copyright CANON INC. 2012-2014

Original file name:
ScanUtility.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\8fpujkmmgvvf.exe

Digital Signature
Signed by:
PKK OOO

Authority:
COMODO CA Limited

Valid from:
5/20/2015 7:00:00 AM

Valid to:
5/20/2016 6:59:59 AM

Subject:
CN=PKK OOO, O=PKK OOO, STREET=103 ul.Krasnoarmeiskaya, L=Bryansk, S=Bryansk Region, PostalCode=241037, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
009C395A86D91DA63BAC9CEF694A772B43

File PE Metadata
Compilation timestamp:
6/20/1992 5:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0x849DF

Entry point:
E9, E5, B7, FF, FF, 89, 44, 24, 10, 60, 68, 4B, B4, F4, 58, FF, 75, FC, 8F, 44, 24, 30, E9, C4, F7, FF, FF, E8, 01, F9, FF, FF, 9F, 8D, 84, 24, C9, 75, 3C, BC, 8D, 05, D0, 93, 48, 00, E8, DE, F4, FF, FF, C4, F0, 4F, 1E, 68, 88, FD, 53, 07, 8D, 1E, 96, 6A, 49, 1D, E6, FB, D1, 53, 81, 33, E0, F2, 92, 93, 99, 67, 66, 14, 58, 3D, 59, B8, 76, D7, C5, AB, 26, AF, 73, B9, 3E, 74, 98, 69, 7D, 51, 84, 80, 89, C5, 2F, A9, 6B, BB, 51, 12, 53, E9, 1B, FC, B9, 68, 0D, 39, D4, 48, 2B, 1A, 07, CC, 4A, D1, 7A, 1B, 72, E2...
 
[+]

Packer / compiler:
tElock 0.99 - 1.0 private

Code size:
441 KB (451,584 bytes)

Remove 8fpujkmmgvvf.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.