home

fcai805iugw.exe

Mimaki Engineering CO., LTD.

This is a setup program which is used to install the application. The file has been seen being downloaded from eng.mimaki-smt.cn.
Publisher:
Mimaki Engineering CO., LTD.  (signed and verified)

MD5:
73da2730784e9f469394b65a3f4d7f96

SHA-1:
b2beea20a6d96442da36fa06e3be8734016c3f7b

SHA-256:
abe9d32103baa159886324de0a273849311215623e27e1ea6fee44bb8477bb8e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 2:52:27 PM UTC  (today)

File size:
27.5 MB (28,791,408 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\fcai805iugw.exe

Digital Signature
Signed by:
Mimaki Engineering CO., LTD.

Authority:
VeriSign, Inc.

Valid from:
10/27/2011 7:00:00 AM

Valid to:
10/27/2012 6:59:59 AM

Subject:
CN="Mimaki Engineering CO., LTD.", OU=Technology Division, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Mimaki Engineering CO., LTD.", L=Tomi, S=Nagano, C=JP

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7319095B9728129BC89DF44D3471F041

File PE Metadata
Compilation timestamp:
4/5/2010 9:56:20 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
393216:KNx4q64bGd2VQNhymcqsDmjeJqw7zu9yeXSJfMyQJsl1z/EhDpF5JfWE:K9MLym/KbayTEIrz/EpL

Entry address:
0x6892

Entry point:
E8, E5, 29, 00, 00, E9, 78, FE, FF, FF, 2D, A4, 03, 00, 00, 74, 22, 83, E8, 04, 74, 17, 83, E8, 0D, 74, 0C, 48, 74, 03, 33, C0, C3, B8, 04, 04, 00, 00, C3, B8, 12, 04, 00, 00, C3, B8, 04, 08, 00, 00, C3, B8, 11, 04, 00, 00, C3, 8B, FF, 56, 57, 8B, F0, 68, 01, 01, 00, 00, 33, FF, 8D, 46, 1C, 57, 50, E8, D5, A8, FF, FF, 33, C0, 0F, B7, C8, 8B, C1, 89, 7E, 04, 89, 7E, 08, 89, 7E, 0C, C1, E1, 10, 0B, C1, 8D, 7E, 10, AB, AB, AB, B9, A8, 31, 41, 00, 83, C4, 0C, 8D, 46, 1C, 2B, CE, BF, 01, 01, 00, 00, 8A, 14, 01...
 
[+]

Entropy:
7.9997  (probably packed)

Code size:
59 KB (60,416 bytes)

The file fcai805iugw.exe has been seen being distributed by the following URL.

http://eng.mimaki-smt.cn/download/files/.../fcai805iugw.exe

Scan fcai805iugw.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.