home

jpartm.exe

駅すぱあと

Val Laboratory Corporation

Publisher:
株式会社ヴァル研究所  (signed by Val Laboratory Corporation)

Product:
駅すぱあと

Description:
航空時刻表

Version:
3, 3, 2, 9884

MD5:
fcd9d78f67265e8dad327099537e5a66

SHA-1:
5a67bc79e3c54fad73c34a807549dd591a14f53d

SHA-256:
71d5cd0ec72c5cdd7f1d4e59ff44e3ccca6625dd1d61fde8d3faa8b3e675d40b

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
4/19/2024 10:39:23 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
TR/Crypt.XPACK.Gen2
7.11.30.172

File size:
670.4 KB (686,448 bytes)

Product version:
3, 3, 14, 601

Copyright:
(C)Val Laboratory Corporation

Original file name:
ExpAdia.EXE

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\expwin32\jpartm.exe

Digital Signature
Signed by:
Val Laboratory Corporation

Authority:
VeriSign, Inc.

Valid from:
7/8/2013 9:00:00 AM

Valid to:
7/12/2014 8:59:59 AM

Subject:
CN=Val Laboratory Corporation, OU=Management & Coordination, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Val Laboratory Corporation, L=Suginami-ku, S=Tokyo, C=JP

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
33D9FC6DE193E2D91356744DCD399FDF

File PE Metadata
Compilation timestamp:
5/12/2014 6:10:42 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
12288:PGx4nFHcoMNE79F7ahkEVchzLOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOa:IGZ79F7ahkEAXOOOOOOOOOOOOOOOOOOS

Entry address:
0x2BE14

Entry point:
E8, E4, AB, 00, 00, E9, 16, FE, FF, FF, 55, 8B, EC, 83, EC, 14, 53, FF, 75, 10, 8D, 4D, EC, E8, 88, EB, FF, FF, 33, DB, 39, 5D, 08, 75, 2E, E8, 4E, 0A, 00, 00, 53, 53, 53, 53, 53, C7, 00, 16, 00, 00, 00, E8, 3F, 3C, 00, 00, 83, C4, 14, 38, 5D, F8, 74, 07, 8B, 45, F4, 83, 60, 70, FD, B8, FF, FF, FF, 7F, E9, BE, 00, 00, 00, 56, 8B, 75, 0C, 3B, F3, 75, 2E, E8, 18, 0A, 00, 00, 53, 53, 53, 53, 53, C7, 00, 16, 00, 00, 00, E8, 09, 3C, 00, 00, 83, C4, 14, 38, 5D, F8, 74, 07, 8B, 45, F4, 83, 60, 70, FD, B8, FF, FF...
 
[+]

Entropy:
5.8112

Code size:
264 KB (270,336 bytes)

Scan jpartm.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.