home

CAP2ONN.EXE

Canon Advanced Printing Technology

CANON INC.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘CAP2ON’.
Publisher:
CANON INC.  (signed and verified)

Product:
Canon Advanced Printing Technology

Description:
Canon Advanced Printing Technology Printer Driver

Version:
1.00.0.018

MD5:
4821f4731cac9052fde237f9cd996e94

SHA-1:
5738f9b5657178c138b5826ae85c6630205b2be1

SHA-256:
65dcae369c9b6b9612c69e8ae926dbb905c5ca24f16f7ec44f0c055c7b965f3c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 9:02:39 PM UTC  (today)

File size:
27.6 KB (28,288 bytes)

Product version:
1.00.0.018

Copyright:
Copyright CANON INC. 1998-2002

Original file name:
CAP2ONN.EXE

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Windows\System32\spool\drivers\w32x86\3\cap2onn.exe

Digital Signature
Signed by:
CANON INC.

Authority:
VeriSign, Inc.

Valid from:
10/30/2006 7:00:00 AM

Valid to:
10/31/2007 6:59:59 AM

Subject:
CN=CANON INC., OU=Office Imaging Products, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=CANON INC., L=Kawasaki, S=Kanagawa, C=JP

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5144D731BBB6072C54AB3D53C952930D

File PE Metadata
Compilation timestamp:
2/5/2002 7:32:57 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

CTPH (ssdeep):
384:ex69krT9Tqs1nZDJaC+bc3sJpBUzv2LCcgci9b730:eBZqylJg7pUuL3abL0

Entry address:
0x1310

Entry point:
55, 8B, EC, 6A, FF, 68, 00, 30, 40, 00, 68, 28, 23, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, C4, A8, 53, 56, 57, 89, 65, E8, FF, 15, 40, 71, 40, 00, 33, D2, 8A, D4, 89, 15, 34, 65, 40, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, 30, 65, 40, 00, C1, E1, 08, 03, CA, 89, 0D, 2C, 65, 40, 00, C1, E8, 10, A3, 28, 65, 40, 00, E8, 84, 0E, 00, 00, 85, C0, 75, 0A, 6A, 1C, E8, 39, 01, 00, 00, 83, C4, 04, C7, 45, FC, 00, 00, 00, 00, E8, 6A, 0C, 00, 00, E8, 55, 0C, 00, 00, FF, 15, 3C, 71, 40...
 
[+]

Entropy:
4.9287

Developed / compiled with:
Microsoft Visual C++

Code size:
8 KB (8,192 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
CAP2ON

Command:
C:\Windows\System32\spool\drivers\w32x86\3\cap2onn.exe


Scan CAP2ONN.EXE - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.