home

b420150.exe

LZH 自己解凍書庫 for Win95/NT3.51

Mt.Wide SoftLib

This is a setup program which is used to install the application. The file has been seen being downloaded from download.canon.jp.
Publisher:
Mt.Wide SoftLib

Product:
LZH 自己解凍書庫 for Win95/NT3.51

Version:
1, 2, 2, 0

MD5:
a8c045be9d3f92055a4c20af76bb6d53

SHA-1:
be046ff0fb424e123cddee2d695793db4cd47444

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
8/4/2025 8:45:06 PM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
HW32.Packed
1.3.0.4959

File size:
1.9 MB (1,989,190 bytes)

Product version:
1, 2, 2, 0

Copyright:
Copyright (C) 1997-1998 Mt.Wide

Original file name:
lzhsfx95.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Documents and Settings\{user}\My documents\downloads\b420150.exe

File PE Metadata
Compilation timestamp:
4/15/1998 4:30:22 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.10

CTPH (ssdeep):
49152:GsyRpvRnpASnj8IjBq1SujM5W5nvM4UcfFalTrxqkz9f0:fyFySnj8I1q8WFblfFmTrxs

Entry address:
0x33AD

Entry point:
64, A1, 00, 00, 00, 00, 55, 8B, EC, 6A, FF, 68, 80, 41, 40, 00, 68, E4, 32, 40, 00, 50, A1, 08, 51, 40, 00, 64, 89, 25, 00, 00, 00, 00, 8B, 0D, 18, 40, 40, 00, 83, EC, 6C, 89, 01, 8B, 15, 04, 51, 40, 00, A1, 20, 40, 40, 00, 53, 56, 57, 89, 65, E8, 89, 10, E8, 10, 01, 00, 00, 8D, 55, D8, 8D, 45, D4, FF, 35, 00, 51, 40, 00, 52, 50, 8D, 4D, D0, 51, E8, F3, 00, 00, 00, 83, C4, 10, 68, 04, E0, 41, 00, 68, 00, E0, 41, 00, E8, DB, 00, 00, 00, 83, C4, 08, C7, 45, FC, 00, 00, 00, 00, A1, 48, 40, 40, 00, 8B, 30, 8A...
 
[+]

Entropy:
7.9956

Developed / compiled with:
Microsoft Visual C, 2.0

Code size:
9.5 KB (9,728 bytes)

The file b420150.exe has been seen being distributed by the following URL.

http://download.canon.jp/pub/driver/bj/.../b420150.exe

Scan b420150.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.