picasa3.exe

Picasa

Google Inc

This is a setup program used to install the application. The file has been observed being downloaded from mg.mail.yahoo.com and multiple other hosts.
Publisher:
Google Inc. (signed by Google Inc)

Product:
Picasa

Version:
3.9.138.151

MD5:
c58b096af3c6ffa9092c52213491587b

SHA-1:
9b571aa2e59ff6f13d784eb2af672f3d92f01e11

SHA-256:
be002c7f8d4ad88b82e43ccc3d3a09938f2a2bd30edd7fe6319a1bce8064ca56

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted (by digital signature)

Analysis date:
12/25/2024 3:47:17 PM UTC

File size:
9.7 MB (10,152,264 bytes)

Product version:
3.9.138

Copyright:
© 2003-2013 Google Inc.

Original file name:
Picasa.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\google\picasa3\picasa3.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
1/29/2014 1:00:00 AM

Valid to:
1/30/2016 12:59:59 AM

Subject:
CN=Google Inc, OU=Digital ID Class 3 - Java Object Signing, OU=Digital ID Class 3 - Java Object Signing, O=Google Inc, L=Mountain View, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
2912C70C9A2B8A3EF6F6074662D68B8D

File PE Metadata
Compilation timestamp:
8/13/2014 1:48:42 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
98304:NJeiaYHkw4zkMde4pxEUiH6PnLgetBFwIJunxTl3F3kM1Y8zWG8cTGAP3bR9ib:NmYHD4Fg4XE4tBqIsndl5XOrC6

Entry address:
0x7ED597

Entry point:
E8, FA, 17, 00, 00, E9, 16, FE, FF, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 78, 72, D4, 00, 89, 0D, 74, 72, D4, 00, 89, 15, 70, 72, D4, 00, 89, 1D, 6C, 72, D4, 00, 89, 35, 68, 72, D4, 00, 89, 3D, 64, 72, D4, 00, 66, 8C, 15, 90, 72, D4, 00, 66, 8C, 0D, 84, 72, D4, 00, 66, 8C, 1D, 60, 72, D4, 00, 66, 8C, 05, 5C, 72, D4, 00, 66, 8C, 25, 58, 72, D4, 00, 66, 8C, 2D, 54, 72, D4, 00, 9C, 8F, 05, 88, 72, D4, 00, 8B, 45, 00, A3, 7C, 72, D4, 00, 8B, 45, 04, A3, 80, 72, D4, 00, 8D, 45, 08, A3, 8C, 72, D4, 00, 8B...
 

Code size:
8.2 MB (8,638,464 bytes)

Autoplay Handler
Display name:
Picasa2ImportPicturesOnArrival


The file picasa3.exe has been observed being distributed from the following 5 URLs.

https://mg.mail.yahoo.com/ya/.../sw0MAABEWVIEkXARdMLIwA0U&fid=Draft&pid=2&clean=0&appid=YahooMailNeo

https://onedrive.live.com/.../ALLEXg6MVWod sjmcLagIfiQ=9&ithint=.exe