Gridinsoft Logo

The IJPLMSVC.exe (Inkjet Printer/Scanner/Fax Extended Survey Program Service) File Analysis

Technical Analysis

File Name IJPLMSVC.exe
File Type
Win32 EXE
Magic Bytes PE32 executable (GUI) Intel 80386, for MS Windows
SSDEEP Hash
12288:wmtG+W0Sg00iOpD3BbBCpMCXFeZvknBjvrEH76:FG+r0srCKC1eZvklrEH76
Scanner Version 1.0.212.174
Database Version 2025-04-03 13:00:35 UTC
⚠

Suspicious File Detected

Detected by 43 security engines - requires caution

This file requires additional checking for potential threats. Based on suspicious indicators, we will soon add it to our virus database.
75%
Detection Rate
524,607
File Size (bytes)
43/57
Engines Detected
2025-04-03
Analysis Date

Scan Another File

File Identification

Hash Type Value Action
MD5
08b4bcf4ace651af83bc6e142495c84a
SHA1
43e0f3dc82b22891868dcf5260ca12948a26b36f
SHA256
57e34152acdc5bad78d8c89506e77311a60affa945a849d77184e54a00b476dc
SHA512
42764ca59c5606dedbf0f5966dc9fbae02f1cf10bf6ad370d13041ca1de1bd6fc659db65979395d5f40e7d2c7b33fa8cc58adf5a9a57074dad18a0508fb6f15b
ImpHash
4aaf83b49b2cc01309a543425b442ab5

Security Engines with Detections (43 of 57)

Bkav
W32.FloxitNV.PE Malicious
Elastic
Windows.Virus.Floxif Malicious
MicroWorld-eScan
Win32.Floxif.A Malicious
FireEye
Generic.mg.08b4bcf4ace651af Malicious
McAfee
Generic Obfuscated.g Malicious
Cylance
Unsafe Malicious
Zillya
Virus.Floxif.Win32.1 Malicious
Cynet
Malicious (score: 99) Malicious
K7AntiVirus
Virus ( 00521e9a1 ) Malicious
K7GW
Virus ( 00521e9a1 ) Malicious
CrowdStrike
win/malicious_confidence_100% (D) Malicious
Baidu
Win32.Virus.Floxif.a Malicious
VirIT
Win32.FloodFix.A Malicious
Symantec
W32.Fixflo.B!inf Malicious
APEX
Malicious Malicious
ClamAV
Win.Virus.Pioneer-9111434-0 Malicious
Kaspersky
Virus.Win32.Pioneer.cz Malicious
NANO-Antivirus
Virus.Win32.Pioneer.bvrqhu Malicious
Rising
Virus.Floxif!1.9BE6 (CLASSIC) Malicious
F-Secure
Malware.W32/Infector.Gen4 Malicious
VIPRE
Win32.Floxif.A Malicious
TrendMicro
PE_FLOXIF.D Malicious
SentinelOne
Static AI - Suspicious PE Malicious
Sophos
W32/Floxif-C Malicious
Ikarus
Virus.Win32.Floxif.A Malicious
Jiangmin
Win32/Pioneer.l Malicious
Avira
W32/Infector.Gen4 Malicious
Antiy-AVL
Virus/Win32.Pioneer.cz Malicious
Kingsoft
Win32.Pioneer.CZ.2433 Malicious
Xcitium
Virus.Win32.Floxif.A@7h5wha Malicious
Microsoft
Virus:Win32/Floxif.H Malicious
ZoneAlarm
W32/Floxif-C Malicious
GData
Win32.Floxif.A Malicious
Google
Detected Malicious
AhnLab-V3
Win32/Fixflo.GEN Malicious
VBA32
Virus.Win32.Floxif.h Malicious
DeepInstinct
MALICIOUS Malicious
TrendMicro-HouseCall
PE_FLOXIF.D Malicious
Tencent
Virus.Win32.Pionner.tt Malicious
huorong
Virus/Floxif.gen$TA Malicious
MaxSecure
Virus.W32.Pioneer.CZ Malicious
Fortinet
W32/Floxif.H Malicious
Panda
W32/Floxif.A Malicious
14 engines reported no threats - Only engines with detections are shown above for clarity

PE Analysis

Basic Information

β–Ό
Image Base 0x00400000
Entry Point 0x00433a03
Compilation Time 2023-09-12 23:11:00
Checksum 0x000753da (Actual: 0x0008f525)
OS Version 6.0
PEiD Signatures PE32 executable (GUI) Intel 80386, for MS Windows
PDB Path C:\Users\2495\Desktop\PESP\V652\fc2.0\ESPζœ¬δ½“\vc12\Release\IJPLMSVC.pdb
Digital Signature The expected hash does not match the digest in SpcInfo
Imports 8 libraries
SHLWAPI, PSAPI, KERNEL32, USER32, WINSPOOL, ADVAPI32, SHELL32, ole32
Exports 0 functions
Resources 2 Resources
Sections 6 Sections

Version Information

β–Ό
FileDescription Inkjet Printer/Scanner/Fax Extended Survey Program Service
FileVersion 6, 5, 2, 0
InternalName IJPLMSVC
LegalCopyright Copyright CANON INC. 2006-2023
OriginalFilename IJPLMSVC.exe
ProductName IJPLMSVC
ProductVersion 6, 5, 2, 0
Translation 0x0409 0x04e4

PE Sections

β–Ό
Name Virtual Address Virtual Size Raw Size Entropy Characteristics MD5
.text 0x00001000 340,474 bytes 340,480 bytes 6.56 (Compressed) IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ 7C23A853EFFFC64E9B0963295D998AC0
.rdata 0x00055000 86,558 bytes 87,040 bytes 5.22 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 2489E11E33B88DA13349D73570E3E1CB
.data 0x0006b000 11,588 bytes 5,632 bytes 4.18 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE DEAFB38E28D7BED9C5E6B073AC5D86CA
.gfids 0x0006e000 784 bytes 1,024 bytes 3.20 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 59445E307F685303021C7DCE3C7BF7EE
.tls 0x0006f000 9 bytes 512 bytes 0.02 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE 1F354D76203061BFDD5A53DAE48D5435
.rsrc 0x00070000 2,184 bytes 2,560 bytes 4.54 (Normal) IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ 045AABAAD99D69D76566AA8AE03C9E6D
Entropy Analysis Alert

1 section(s) with elevated entropy (β‰₯6.5) - possible compression

Resource Analysis

β–Ό
Total Resources: 2 (2,023 bytes)
Resource Type Count Total Size Percentage
RT_VERSION 1 768 bytes
38%
RT_MANIFEST 1 1,255 bytes
62%

Certificate Chain Analysis

β–Ό
Certificate Information
Product IJPLMSVC
Description Inkjet Printer/Scanner/Fax Extended Survey Program Service
File Version 6, 5, 2, 0
Original Name IJPLMSVC.exe
Internal Name IJPLMSVC
Copyright Copyright CANON INC. 2006-2023
Certificate Chain Summary
DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1 #1 Primary
Validity Period: 2021-04-29 00:00:00 β†’ 2036-04-28 23:59:59
Signature Algorithm: sha384RSA
Serial Number: 08 AD 40 B2 60 D2 9C 4C 9F 5E CD A9 BD 93 AE D9
Canon Inc. #2 Chain
Validity Period: 2023-02-03 00:00:00 β†’ 2024-03-09 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 0F 4C 7E 4D C7 18 62 AC DC 0C 43 62 05 A8 A1 24
Symantec SHA256 TimeStamping CA #3 Chain
Validity Period: 2016-01-12 00:00:00 β†’ 2031-01-11 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 7B 05 B1 D4 49 68 51 44 F7 C9 89 D2 9C 19 9D 12
Symantec SHA256 TimeStamping Signer - G3 #4 Chain
Validity Period: 2017-12-23 00:00:00 β†’ 2029-03-22 23:59:59
Signature Algorithm: sha256RSA
Serial Number: 7B D4 E5 AF BA CC 07 3F A1 01 23 04 22 41 4D 12

βœ“ This file has been digitally signed and the certificate chain has been verified

  • The signature ensures file integrity and authenticity from the publisher
  • Timestamping proves when the signature was applied
Certificate Verification Status

The expected hash does not match the digest in SpcInfo

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Remember: This is Result of Online Virus Scanner

Gridinsoft Anti-Malware has a much more powerful virus scanning engine. We recommend using it for a more precise diagnosis of infected systems. This brief guide will help you install our flagship product for more accurate diagnostics:

Download Anti-Malware

Keep Your System Protected

This file appears clean, but regular security maintenance is important

  1. Regular Scans: Run weekly system scans to detect new threats before they can cause damage.
  2. Keep Software Updated: Ensure your operating system and all applications have the latest security patches.
  3. Safe Browsing: Avoid suspicious websites and never download software from untrusted sources.
  4. Email Security: Be cautious with email attachments and links, even from known contacts.
Proactive Protection
43 antivirus engines detected potential threats. This could be a false positive, especially for system tools or packed software. Verify the file source and check if it's digitally signed by a trusted publisher.

Leave a Comment

Share your thoughts or insights about this file. Do you align with our conclusion?

* Your feedback could influence our rating, and rest assured, your email will remain confidential and will only be used to communicate with you if necessary.
Your Score for

Gridinsoft Anti-Malware

Cure your PC from any kind of malware

GridinSoft Anti-Malware will help you to protect your computer from spyware, trojans, backdoors, rootkits. It cleans your system from annoying advertisement modules and other malicious stuff developed by hackers.

Gridinsoft Anti-Malware