home

paint.exe

Paint XP

MSPAINTXP.COM

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from www.mspaintxp.com.
Publisher:
MSPAINTXP.COM

Product:
Paint XP

Description:
Paint XP Setup

MD5:
76bffbb2eb80d56a72233c5883e6533d

SHA-1:
cdb5723fef3a53362507ebbe13d62d0ed4ca9032

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/25/2024 1:45:52 AM UTC  (today)

File size:
568.5 KB (582,109 bytes)

Product version:
1.4

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\paint.exe

File PE Metadata
Compilation timestamp:
6/20/1992 8:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:gQi1OLY0c6aiU3OzEfirtRIXt875jX4Pn7nb1yRl7q3C8pJth:gQi45aiU+zEcRIXt87dX4HWl7uh

Entry address:
0xA5F8

Entry point:
69, FF, 84, 76, BB, BE, 10, D5, 69, C9, 66, 05, D6, 40, FF, CB, 0F, AF, F1, 87, EB, EB, 02, 10, C2, 0F, AF, CF, 80, F7, EB, 09, D3, 3B, FD, 69, E8, 74, 71, CB, F4, 32, C9, 85, DB, F7, C5, 07, 0E, E9, 91, 88, E9, F7, C5, 60, 94, 3A, 64, 0F, BF, C2, 0F, AF, C0, 18, C1, E8, 00, 00, 00, 00, 8D, 05, 32, DF, CA, 46, 69, C5, 59, 7C, 1B, 7C, F3, 0F, AF, F3, 39, F0, 43, 33, C8, 3B, C1, 72, 02, 84, DB, 5F, EB, 05, 86, C1, 0F, BE, C5, 4B, 0F, BF, F1, B8, 08, C0, 79, D6, 2D, 78, 00, 73, FB, 0F, AF, D8, C7, C6, F2, 00...
 
[+]

Entropy:
7.9512  (probably packed)

Code size:
39.5 KB (40,448 bytes)

The file paint.exe has been seen being distributed by the following URL.

http://www.mspaintxp.com/paint.exe

Scan paint.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.