photoscape_v3.6.1.exe

PhotoScape

Mooii Tech

The file is a setup application built with the NSIS (Nullsoft Scriptable Install System) installer. It is installed with multiple programs, including PhotoScape. The file has been seen being downloaded from f2h.nana10.co.il and multiple other hosts.
Publisher:
Mooii (signed by Mooii Tech)

Product:
PhotoScape

Description:
PhotoScape Setup

Version:
V3.6.1

MD5:
e8298610e6b468fb620d6f25d76c406b

SHA-1:
6e5dff51382627c079281e5b7f96fc61befd0e0a

SHA-256:
8f536aff8009cdd060e2f434bb7b6e7fd788271f36be5ca16c9ad2a6d73dbd5d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 2:21:12 PM UTC

File size:
17 MB (17,845,624 bytes)

Copyright:
Copyright (C) 2005-2012 Mooii

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

Language:
Language Neutral

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
12/11/2011 5:00:00 PM

Valid to:
12/11/2014 4:59:59 PM

Subject:
CN=Mooii Tech, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Mooii Tech, L="Dongnam-gu, Cheonan-si", S=Chungcheongnam-do, C=KR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7A726660859B24864C7E2B8B14EC5EA6

File PE Metadata
Compilation timestamp:
4/10/2010 6:19:23 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
393216:Hjk8kbZTuaDcWXioqwe27q4GktR/TVFmi5FE7s0ekaKEQJc:HPMXDzyoqkmER/TVFmi5FE7sXk3EQJc

Entry address:
0x33E9

Entry point:
81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 18, C7, 44, 24, 10, 70, 85, 40, 00, 89, 6C, 24, 14, FF, 15, 30, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 80, 40, 00, 55, FF, 15, B0, 82, 40, 00, 6A, 08, A3, 78, 06, 47, 00, E8, 67, 27, 00, 00, 55, 68, B4, 02, 00, 00, A3, 90, 05, 47, 00, 8D, 44, 24, 38, 50, 55, 68, 6C, 85, 40, 00, FF, 15, 80, 81, 40, 00, 68, 54, 85, 40, 00, 68, 80, 85, 46, 00, E8, 35, 26, 00, 00, FF, 15, B0, 80, 40, 00, 50, BF, A0, 10, 4C, 00, 57, E8, 23, 26, 00, 00...
 

Entropy:
7.9981

Packer / compiler:
Nullsoft install system v2.x

Code size:
25 KB (25,600 bytes)

The file photoscape_v3.6.1.exe has been discovered within the following programs.

360Amigo is a registry optimizer. 360Amigo System Speedup bundles a branded version of the Conduit Toolbar, designed to deliver search-based advertising and results. During installation the user is, in some cases, presented with the option to install the toolbar (on by default).
www.360amigo.com
53% remove it
PhotoScape  by Mooii Tech
PhotoScape is a graphics editing program developed by MOOII Tech. The basic concept of PhotoScape is 'easy and fun', so it allows users to easily edit photographs taken with their digital cameras or even mobile phones.
www.photoscape.org
9% remove it
 
Powered by Should I Remove It?

The file photoscape_v3.6.1.exe has been seen being distributed by the following 12 URLs.

http://f2h.nana10.co.il/.../crkxgjta0ilk|0303783cabee2776ee676737a912f0e8|.exe

http://download2142.mediafire.com/nae9rgwfn8cg/.../PhotoScape_V3.6.1.exe

http://arquivos.superdownloads.com.br/.../54453_photo_scape_361.exe

http://f2h.nana10.co.il/.../crkxgjta0ilk|0b0c468c122c778a31f69f1477c4846c|.exe
