home

ljp2055_fw_update_20120615_signed.exe

Hewlett-Packard Company

Publisher:
Hewlett-Packard Company  (signed and verified)

MD5:
4afccebc0762e52a84e43c77d3a8dbc2

SHA-1:
3af85008c689cb5e32ef63bc663b84ab74b16290

SHA-256:
d2aea850be8b8b9eada1bde371f861d6c3bb6d020db4170073a4c9a23e8a56d5

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/23/2024 6:04:04 AM UTC  (today)

File size:
7.8 MB (8,148,416 bytes)

File type:
Executable application (Win32 EXE)

Digital Signature
Signed by:
Hewlett-Packard Company

Authority:
VeriSign, Inc.

Valid from:
11/15/2011 6:00:00 PM

Valid to:
11/15/2014 5:59:59 PM

Subject:
CN=Hewlett-Packard Company, OU=Product Development IT2, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Hewlett-Packard Company, L=Andover, S=Massachusetts, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
44BC63EA9D7FB68CBCD9101F391CA145

File PE Metadata
Compilation timestamp:
7/11/2012 10:40:26 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.56

CTPH (ssdeep):
98304:tQ8ccnkEb4/sOZx/2esKYxkErDTewJ04i3pxZA3hNB+Te1P2bH0dD:tQekEb49ZB1NYTTf04mpxmxNwTsOYJ

Entry address:
0x12A0

Entry point:
55, 89, E5, 83, EC, 08, C7, 04, 24, 02, 00, 00, 00, FF, 15, 9C, 22, 41, 00, E8, 98, FE, FF, FF, 90, 8D, B4, 26, 00, 00, 00, 00, 55, 8B, 0D, B8, 22, 41, 00, 89, E5, 5D, FF, E1, 8D, 74, 26, 00, 55, 8B, 0D, AC, 22, 41, 00, 89, E5, 5D, FF, E1, 90, 90, 90, 90, 55, 89, E5, 5D, E9, BF, 41, 00, 00, 90, 90, 90, 90, 90, 90, 90, 55, 89, E5, 83, EC, 18, 8B, 45, 08, A3, 20, 90, 40, 00, C7, 44, 24, 10, 00, 00, 00, 00, C7, 44, 24, 0C, 3A, 13, 40, 00, C7, 44, 24, 08, 00, 00, 00, 00, C7, 44, 24, 04, 66, 00, 00, 00, A1, 20...
 
[+]

Entropy:
5.0191

Packer / compiler:
MingWin32

Code size:
22 KB (22,528 bytes)

The file ljp2055_fw_update_20120615_signed.exe has been seen being distributed by the following URL.

http://h20000.www2.hp.com/bizsupport/TechSupport/SoftwareDownloadEventHandler.jsp?redirectReason=SWD_FTP_Request&swItem=lj-66687-9&prodSeriesId=3662052&prodLine=8A&targetPage=ftp://ftp.hp.com/pub/softlib/software12/COL25935/.../ljp2055_FW_Update_20120615_SIGNED.exe&filesize=8148416

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.