home

FBKPROG.EXE

Fujitsu Backup Solution

FUJITSU LIMITED

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘FBkupSltn_{8CF0C2C5-97D3-4346-8649-F922FADB5E67}’.
Publisher:
FUJITSU LIMITED  (signed and verified)

Product:
Fujitsu Backup Solution

Version:
1.0.0.0

MD5:
9bd690de6dd9a24dfb2e10ad7e2eb48d

SHA-1:
dfe378e45568016ed168ac72292b6a7d18c50a88

SHA-256:
b41a6fd1b1379ba4cea92b0ca0f40c96e18edbb9a9cc57f06a3480e36b118cb5

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/1/2024 8:57:48 PM UTC  (today)

File size:
1.2 MB (1,226,568 bytes)

Product version:
1.0.0.0

Copyright:
Copyright FUJITSU LIMITED 2011

Original file name:
FBKPROG.EXE

File type:
Executable application (Win32 EXE)

Digital Signature
Signed by:
FUJITSU LIMITED

Authority:
VeriSign, Inc.

Valid from:
4/20/2011 9:00:00 AM

Valid to:
5/21/2012 8:59:59 AM

Subject:
CN=FUJITSU LIMITED, OU=Personal Systems Business Unit, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=FUJITSU LIMITED, L=Kawasaki, S=Kanagawa, C=JP

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
4E1827E3F15E30FE78042871BED356A2

File PE Metadata
Compilation timestamp:
6/6/2011 7:45:39 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
24576:U17+87iRoHZk1OhlBI8PJha6NLstT6QNszAr:U1TXBI8xFsR64szAr

Entry address:
0x8443A

Entry point:
E8, 3E, C1, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, 7D, 08, 00, 74, 14, FF, 75, 1C, FF, 75, 18, FF, 75, 14, FF, 75, 10, FF, 75, 0C, E8, CA, 08, 00, 00, 5D, C3, 6A, 0C, 68, 58, C0, 4F, 00, E8, 6F, 7D, 00, 00, 6A, 0E, E8, 32, C3, 00, 00, 59, 83, 65, FC, 00, 8B, 75, 08, 8B, 4E, 04, 85, C9, 74, 2F, A1, 6C, 28, 50, 00, BA, 68, 28, 50, 00, 89, 45, E4, 85, C0, 74, 11, 39, 08, 75, 2C, 8B, 48, 04, 89, 4A, 04, 50, E8, 82, D6, FF, FF, 59, FF, 76, 04, E8, 79, D6, FF, FF, 59, 83, 66, 04, 00, C7, 45, FC, FE...
 
[+]

Entropy:
6.4762

Code size:
777.5 KB (796,160 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
FBkupSltn_{8CF0C2C5-97D3-4346-8649-F922FADB5E67}

Command:
C:\fujitsu\fbkupsltn\filebkup\fbkprog.exe


herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.