» paint.net.exe
Overview
Analysis
File Details
Downloads (4)

paint.net.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from d.baixakifiles2.com and multiple other hosts.

File name:

paint.net.exe

MD5:

2c2804e3830fc358464693c2f5f6ab81

SHA-1:

af3ffabcbd1dcb542867f435080ffb4f924c5819

SHA-256:

b2742a8ef2a4eaf458d1e6ed017b580ea5565a3b75b11475a5840b40bf2f474f

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/23/2024 2:15:46 AM UTC (today)

File size:

6 MB (6,272,852 bytes)

File type:

Executable application (Win64 EXE)

Common path:

C:\users\{user}\downloads\3676090eded622c6bec547ed78bdf6d1\698d51a19d8a121ce581499d7b701668\paint.net.exe

File PE Metadata

OS bitness:

Win64

CTPH (ssdeep):

98304:Yu/pc+cQWDtAVpWrWQaIiD4/hoYrGPTYsEVN/zBBl2mPTM4TH3eOaNwJ7fEFp:Yi3IqWrla9DfDPHEvBXfTMyOr6Ap

Entry point:

50, 4B, 03, 04, 14, 00, 00, 00, 08, 00, EA, 79, F6, 44, AD, DD, 4A, BE, 98, B6, 5F, 00, F0, 1E, 60, 00, 1B, 00, 00, 00, 70, 61, 69, 6E, 74, 2E, 6E, 65, 74, 2E, 34, 2E, 30, 2E, 33, 2E, 69, 6E, 73, 74, 61, 6C, 6C, 2E, 65, 78, 65, EC, 5C, 7D, 74, 14, 57, 15, 9F, FD, 4A, 36, C9, 2E, B3, 81, A4, 0D, 25, A1, 81, 04, C4, 06, 30, 74, 09, 25, DD, 04, 36, 34, 1B, B0, 6D, E8, A6, 4B, 76, A1, 4D, A0, DA, 12, 97, B1, B6, 01, 66, 28, 55, 16, 12, 37, D1, 6C, 86, 54, 54, AA, 55, AB, 36, 06, 15, B5, 1E, 50, 6B, 4D, 95, 86... 
[+]

The file paint.net.exe has been seen being distributed by the following 4 URLs.

http://d.baixakifiles2.com/?ic_user_id=254&data=0XZilMgapU x3tDTqYDsE0n65z5jE3sMECSLjSpuVTKqH4rWskdwKwiQF0FwFJ7wzVdFTJnN0ExUMUdPcPCn02xC/EKmNLWVbL8uKj6s3YJGwoHq9Oz4A8cG4XDKDX G090ehFqgtC/ApwNYpL0Unz5fjWZ8ZnSE52CMHD1UP6nCKscrHsKNvDSyblVqu6E3jaLb4RySxsJkxQiDVrAiQ3TM4bWv72U4vplAapee6lDmJl8D5evewpLZFKrJ2KOeFX/2xv/Tj89TZhT3ckiSs7xj2GYhV9sotFY8gQMcHREAh2wnGOqNChPcGsHEVRCaaPdkclylffHamAlCsltqtmfc9tLb5ZzfrUmE5GSWaiYeynXrHzE7LJhdnmFk ZjKodDjPtSmfPOKNpZ8H/GOdJupK7fTxL1oJpeN4vICv0pXDw/xGL6vxhUEtPnZU5/BJ2MZ0 fNhTW0e9PAnu03a2lotmC5/LOR3Tx9xPyVHwbbwczPzvgG6QitIVnM4T69VlYsOUqvEpQyQ5NBSKfTA5l2qNleTQBROvdaVlg26NrTjPq2E4FEoNuSbUD9sx9wahElIIaTMnPHRRAHQdB3mD//Hn2IGrBGNd/.../Po1zLnX1Ww3yx8y9PsaF6D jx1beIiDRyc6Dcj BPrBbbLSuyOR

http://d.baixakifiles2.com/?ic_user_id=254&data=3XsePStgmjX5KbMYVFkmC/RtyEGBMNyJkRJcN07HLZrE50W9L1rOvs797pArK5zI//PvMekIin4hR3c0q KQ5Bq51FFL5Bi DqNv0HVgfTEX Nc98wYC56 e2u8naoRsJRqo6 uxxWfy4GwO8hoaSsE4g4lnxD3nmnT2cIiTSyXmAjSTAyIiYjR Ir6qCvKENlKhXMl5wT90QdzbYLAgIAVPHgm38h6uM5jfZ0jLVG pS SrMoo6VW6sn/Km 2p jTn /p69ZTAXR4mWMn Y7nMQMM1o5v1VCUcmMDAE97C08yXG6sJjewHr2KPEEYbTI2AjvqqKdE2sMeVitu58lSxi4cxBagvrVFKWhAl3x7xa6Nw9Ntu1CLvLWNSDHr3mGBijJY79 jaP Lg4G592TifvVHRqej45mvA 4hdAI2xoNOWm8u sQ/4B8tG1DnK60DMZ6 mtZOXK1yzR0o81P5VaF5NAGhrk3hLzmp656AnqrD5ejqRp1I65hVn2DxnRUeKJzSZrbhB1giv0ZfLwHHSbBsIcO0kC8lzLZandUtSa4Uidwb9CwJV9L4xWGTQ38crhljRzvS7NNSQA8kt65/nZi4vohkqnPQaK7YjSkCHRCjKnCZ/i faKwAI/DvOhisGknAvpXyIFhhK47uO88GA/c2FTkf5NSe2Kmst8tvSb5kvjrP4XBdDckoETXPv6XaIhJnldx/6HDDNi3FUjKgFCj9uyfl79aBibs16MvXWc&key=OPZiw/91ksFcVgV rgcOsw59fqXn68ZLHqmrP/D3xLuHSiV2 y QA7 QpwopgvF33yfBWEpf5 0mNUsVkIz4NvBUc0WKk7LX5rnVmO3xRkW0ZoGEDE6J8 LZnBEgHzZojIYLK7QrlFeYooWXzEwqKiRdrcCRGKQBohwnJnpx5/.../TY5xwfQUYMAXjeCTGkG4e 5GC

http://d.baixakifiles2.com/?ic_user_id=254&data=F2EsxyomOsSkk6Rft/jhbQ0ug7pvLfdAp95W1lbaYgQzM4exUptWvEbewx7K7LzmC74fIDY3C8UDXKP auCMa16cCAGvIeLcwdUP3ynNDr7w9WsictV2pHOWrtusi4dzJVbp0 NW1HiZvvjfgd4LEXF1zHE8WKajmkim9ZGmkQ465lVW5yD8nflmzq2pLVv2CMfnjcBUS6oCZozPENAn6PrnzwNnDb2dP 9NnovzHkfgipn62GCbvy1RFSiMsI6bIBm7ULs12lWzPSKIrq9Nv56YqoI3x sHDw5vaWQSfYtzpoxWwyJ3CJKs2ZnV2HmjmdR7sMkp8zN0A8AH4FdxNPzY1mF4ejuOE90hIFD5kVPVMCi1oeylN5lpUX iFmrh4DBCht5dEFQ1EDF8LvLTCJBaw0RK9CDF6SYGBZSH70cQWm3Bs3VkAEsQDRbPoCyxRjS0QxPReuekiAgDdqXE0l TYnVbrqaPIE1xGxkMBUGXNUlo/qR6cawrpDhoH6R09/wVlABQZxvFddSZgVyc1rKoS0OKUvU5rU6Wf5mRGhQ79/2Z3xAbFQYaz939EDC2OuucdsLQDZLWlcAlwRHlpoFh96EZ/WREQzSWMgO4WH9SnXrM3OFRyqKbFO10yrR2G7DkDr/z3P9i2Skpyp5IQ4izL R2N8ZAbhMrs2ygJUwZ8sdSOiZ9k72fsILQSEJKA78SuYZZ MbsYNDIXIxiMbmUEQ406QBPalaB3pyX0XU/&key=nOci2gba3GQS7ePzDE577XJnhNWcSk/rRHtzTdvzNlBim0XvatjtUcPORQpezbf741V1YgX4 bTaqosvtjdIyheHLlW4u0 jM7bw5sP/.../Y6635SI7QlxQdHF3enhuAVZcGAFQNoXy96x1eEkUI IlAWsxQ

http://www.dotpdn.com/.../paint.net.4.0.3.install.zip

Scan paint.net.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.