9jrushcotxfk.exe

Canon IJ Scan Utility

PKK OOO

The executable 9jrushcotxfk.exe has been detected as malware by 1 anti-virus scanner.

Publisher:
CANON INC.  (signed by PKK OOO)

Product:
Canon IJ Scan Utility

Version:
1.1.10.8968

MD5:
2220c4c897494b482f2c39ff08174e8d

SHA-1:
c248d281804be9438ad15d48fbff28ee215131bb

SHA-256:
924d488ef078b0b6e7770d768c7c0a70cfc81c19d1cf51dc34f90d6ec1153f80

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
12/26/2024 8:31:17 PM UTC

Scan engine:
Reason Heuristics

Detection:
PUP (M)

Engine version:
17.2.21.11

File size:
587.4 KB (601,528 bytes)

Product version:
1.1.10.8968

Copyright:
Copyright CANON INC. 2012-2014

Original file name:
ScanUtility.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\9jrushcotxfk.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
5/20/2015 2:00:00 AM

Valid to:
5/20/2016 1:59:59 AM

Subject:
CN=PKK OOO, O=PKK OOO, STREET=103 ul.Krasnoarmeiskaya, L=Bryansk, S=Bryansk Region, PostalCode=241037, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
009C395A86D91DA63BAC9CEF694A772B43

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0x8599B

Entry point:
E9, 96, 2D, 00, 00, 23, 5D, DF, D1, AB, 01, 35, 58, E1, 58, 89, DD, 51, 2E, 74, 08, 10, 84, 55, A0, 52, 06, DC, D0, B2, 62, FA, 5A, 48, 10, C2, 96, 4C, 08, DA, 4E, 7E, 42, 64, F4, 4A, 52, C3, 9B, 78, 7C, AD, 72, 74, BD, B9, F9, 37, 47, D4, 6A, 4B, 14, 75, 54, 3F, 8D, AA, 49, 32, DD, 9B, BA, 05, EE, EE, 76, F8, E8, DE, AE, F8, 48, 4D, AB, 72, 50, 66, F3, DA, 6B, BF, 45, F5, FA, 7D, DC, CE, F5, 62, 20, 51, 7B, 57, 70, 6B, A5, 82, F6, CD, 73, D3, 57, 9E, EC, 82, 03, 1C, D5, A3, C5, 84, 80, BF, 37, 2F, 2D, E5...

Packer / compiler:
Xtreme-Protector v1.05

Code size:
441 KB (451,584 bytes)
