» mpnx_4_0-win-4_02-ea23_2.exe
Overview
Analysis
File Details
Programs (1)
Downloads (18)

mpnx_4_0-win-4_02-ea23_2.exe

Canon Inc.

This is a setup program which is used to install the application. The file has been seen being downloaded from d2.driverscollection.com and multiple other hosts.

File name:

Publisher:

Canon Inc. (signed and verified)

MD5:

929194ff0b8b3a12ae5a809ac58955d9

SHA-1:

649a78358ae357fcf682ff31f77a6b828fa3fe03

SHA-256:

0fc4b64d1ee9992510e67926590a884eba065d3e4951dd444cda76a529b85ab0

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/20/2024 2:04:17 AM UTC (today)

File size:

47.5 MB (49,814,648 bytes)

File type:

Executable application (Win32 EXE)

Digital Signature

Signed by:

Canon Inc.

Authority:

VeriSign, Inc.

Valid from:

4/18/2011 4:00:00 AM

Valid to:

4/18/2012 3:59:59 AM

Subject:

CN=Canon Inc., OU=Inkjet System Development Center, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Canon Inc., L=Kawasaki-shi, S=Kanagawa, C=JP

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

008981DDCE4837C76E0B37280542680A

File PE Metadata

Compilation timestamp:

11/3/2009 12:24:15 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

CTPH (ssdeep):

786432:u5hkFSgRzT7lPhbbFchV51oOcV7nfSIhxxy9KNzuAPfVsOLfDCqlFv4Dfl:CoSERP96V51RYnLxjNiAPWObVDw

Entry address:

0xAF1E

Entry point:

E8, 6E, 4A, 00, 00, E9, 16, FE, FF, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, D0, 4B, 42, 00, 89, 0D, CC, 4B, 42, 00, 89, 15, C8, 4B, 42, 00, 89, 1D, C4, 4B, 42, 00, 89, 35, C0, 4B, 42, 00, 89, 3D, BC, 4B, 42, 00, 66, 8C, 15, E8, 4B, 42, 00, 66, 8C, 0D, DC, 4B, 42, 00, 66, 8C, 1D, B8, 4B, 42, 00, 66, 8C, 05, B4, 4B, 42, 00, 66, 8C, 25, B0, 4B, 42, 00, 66, 8C, 2D, AC, 4B, 42, 00, 9C, 8F, 05, E0, 4B, 42, 00, 8B, 45, 00, A3, D4, 4B, 42, 00, 8B, 45, 04, A3, D8, 4B, 42, 00, 8D, 45, 08, A3, E4, 4B, 42, 00, 8B... 
[+]

Code size:

76 KB (77,824 bytes)

The file mpnx_4_0-win-4_02-ea23_2.exe has been discovered within the following program.

360Amigo System Speedup Free by 360Amigo

360Amigo is registry optimizer. 360Amigo System Speedup bundles a branded version of the Conduit Toolbar, designed to deliver search based advertising and results. During installation the user is presented in some cases with the option to install the toolbar (on by default).

www.360amigo.com

53% remove it

The file mpnx_4_0-win-4_02-ea23_2.exe has been seen being distributed by the following 18 URLs.

https://d2.driverscollection.com/b0d5237b934/75b6750bcc5138c9a4087d5c2f4dc2a900f0616bdabcd02e46fa8b21b479017b3054d70f3ca1ce486b8cdf8f29647df3562f06bc/3/32/14/.../mpnx_4_0-win-4_02-ea23_2.exe

http://pdisp01.c-wss.com/.../WWUFORedirectTarget.do?id=MDIwMDAwMTUyODAx&cmp=ABX&lang=SE

http://pdisp01.c-wss.com/.../WWUFORedirectTarget.do?id=MDIwMDAwMTUyODAx&cmp=ABX&lang=DE

http://pdisp01.c-wss.com/.../WWUFORedirectTarget.do?id=MDIwMDAwMTUyODAx&cmp=ABX&lang=NO

https://d2.driverscollection.com/1d3f78fd3374d20/088581b00a4f90c10b4ca90b484a43a71809b7aa78160a25fa75a25a3e3b7fb186d57c951e7c5c90f4f9a2d7849896fa543cdea8/3/32/14/.../mpnx_4_0-win-4_02-ea23_2.exe

https://d2.driverscollection.com/11aeeefa0c6/bd9b032ddbaf112ad9fb17fb9eeb25745e7989e5ae66428770130beb4412a743157c709f4f73bf6063c996c3384770bc57810816/3/32/14/.../mpnx_4_0-win-4_02-ea23_2.exe

http://d2.driverscollection.com/779db369a107/d6835c194e21ccd96922fe13f01f988bbd3a4e4d08d0eb5bb2759eda248d7af0587f5ef7d044c5c2a6a02ae36fc839d153476f97/3/32/14/.../mpnx_4_0-win-4_02-ea23_2.exe

https://d2.driverscollection.com/656cee18a27b/b6aaa3312ef727d508211da03fe8e329764398ff43d4c9634dd728719ab2466dbaeb29acdb78bace1e402a3231e7139556e29ded/3/32/14/.../mpnx_4_0-win-4_02-ea23_2.exe

http://localhost:2868/nig/alert.phtml?cat=33&url=gdlp01.c-wss.com/gds/8/0200001528/.../mpnx_4_0-win-4_02-ea23_2.exe

http://pdisp01.c-wss.com/.../WWUFORedirectTarget.do?id=MDIwMDAwMTUyODAx&cmp=ABX&lang=ES

http://pdisp01.c-wss.com/.../WWUFORedirectTarget.do?id=MDIwMDAwMTUyODAx&cmp=ABX&lang=NL

http://pdisp01.c-wss.com/.../WWUFORedirectTarget.do?id=MDIwMDAwMTUyODAx&cmp=ABS&lang=EN

http://pdisp01.c-wss.com/.../WWUFORedirectTarget.do?id=MDIwMDAwMTUyODAx&cmp=ABX&lang=EN

http://pdisp01.c-wss.com/.../WWUFORedirectTarget.do?id=MDIwMDAwMTUyODAx&cmp=ACY&lang=EN

http://pdisp01.c-wss.com/.../WWUFORedirectTarget.do?id=MDIwMDAwMTUyODAx&cmp=ABX&lang=FR

http://pdisp01.c-wss.com/.../WWUFORedirectTarget.do?id=MDIwMDAwMTUyODAx&cmp=ABX&lang=FI

http://gdlp01.c-wss.com/gds/8/0200001528/.../mpnx_4_0-win-4_02-ea23_2.exe

http://pdisp01.c-wss.com/.../WWUFORedirectTarget.do?id=MDIwMDAwMTUyODAx&cmp=ACB&lang=EN

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.