picasa39.exe

Picasa Updater

Google Inc.

This is a setup program which is used to install the application. The file has been seen being downloaded from letoltes.szoftverbazis.hu and multiple other hosts.
Publisher:
Google Inc.  (signed and verified)

Product:
Picasa Updater

Description:
Picasa

Version:
3.9.135.800

MD5:
fa7afb8cc91397ea1f177eb0e24b8311

SHA-1:
547913f5866f564cddc8fcc8bbad9e4f5b140717

SHA-256:
da85d66556b23efb135720389f394bb74bfca8a36ec68128b119aef85f27e76a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 2:18:07 AM UTC  (today)

File size:
14.2 MB (14,882,664 bytes)

Product version:
3.9.0

Copyright:
© 2004-2011 Google Inc.

Original file name:
Picasa Updater

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\picasa39.exe

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
6/21/2011 2:00:00 AM

Valid to:
6/21/2013 1:59:59 AM

Subject:
CN=Google Inc., OU=Digital ID Class 3 - Java Object Signing, OU=Digital ID Class 3 - Java Object Signing, O=Google Inc., L=Mountain View, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
0D33F28709E263DE83AFFD883E39B912

File PE Metadata
Compilation timestamp:
12/14/2011 2:12:07 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
393216:YRa8uFM/6SktQ/G6SZkYUAJh+eksxQ5fAbHj:Yg8liLu/OZttJhosAfiD

Entry address:
0x69B7

Entry point:
E8, 28, 4B, 00, 00, E9, 16, FE, FF, FF, 8B, 44, 24, 04, 33, C9, 3B, 04, CD, 70, 80, 41, 00, 74, 12, 41, 83, F9, 2D, 72, F1, 8D, 48, ED, 83, F9, 11, 77, 0C, 6A, 0D, 58, C3, 8B, 04, CD, 74, 80, 41, 00, C3, 05, 44, FF, FF, FF, 6A, 0E, 59, 3B, C8, 1B, C0, 23, C1, 83, C0, 08, C3, E8, 34, 24, 00, 00, 85, C0, 75, 06, B8, D8, 81, 41, 00, C3, 83, C0, 08, C3, E8, 21, 24, 00, 00, 85, C0, 75, 06, B8, DC, 81, 41, 00, C3, 83, C0, 0C, C3, 56, E8, E7, FF, FF, FF, 8B, 4C, 24, 08, 51, 89, 08, E8, 8D, FF, FF, FF, 59, 8B, F0...
 
[+]

Entropy:
7.9938  (probably packed)

Code size:
72 KB (73,728 bytes)

The file picasa39.exe has been seen being distributed by the following 29 URLs.

http://letoltes.szoftverbazis.hu/XGZ75HUHWbF1CdmzyfU9uQ/1460711737/.../picasa39-setup.exe

http://letoltes.szoftverbazis.hu/j95BceGk1gknoOKe8dyu-A/1473169391/.../picasa39-setup.exe

http://downloads.zoznam.sk/mirror2/.../picasa39-setup.exe

http://letoltes.szoftverbazis.hu/hyRN4A__ForcFDZdIKgz3w/1477130966/.../picasa39-setup.exe

http://letoltes.szoftverbazis.hu/OT0wQY1EkHYBdSfNiEmCmQ/1475905375/.../picasa39-setup.exe

http://server3.xnavigation.net/dl/88bpV/623/11605/defa/.../picasa

http://letoltes.szoftverbazis.hu/TWoLdTWapFEHt0H-V6z7_g/1462104337/.../picasa39-setup.exe

http://letoltes.szoftverbazis.hu/YD-NaWNYfWIV5uyJzSV2LA/1436691124/.../picasa39-setup.exe

https://dl.google.com/.../picasa39-setup.exe

http://letoltes.szoftverbazis.hu/qTx_EWCS0NNjxLSgH2YbBQ/1462618174/.../picasa39-setup.exe

http://www.bytepresentbyte.com/eCaEGYfhhSvnKNgVdpDx3bUPw2qOMARz2vbVUWkP5lKYKANPy5yZedpxIR7sf_gOAhzPkjBsZSEKLeZl6Ald2hIdvM5PZ09CRvQpcb8fWERfPzHM4ajXTYemN0VdwwDsuIUmtHz0Qgb6erluVHt3oZB0G03e27yRMd8t8tpFGmcx_j4XCgSc304_7PubbjGwmvP_dKmPOzM4fEjfzOlMSup4H1J4lP72G7S4F2_0CJKoz5PgEt5lzmK0 CcuMXmm5UPW4diQt wsmGXcbDKIvhEokRYfnO1Xu_g1fs5fPUQLEgVucOLtkOMCOGgFXxjtG4IarDYzx4d64JzBqdQe6ypECgUw3ChYLUnf9fCp7zKwzhNerX3ZKzKhcAnWv4PR7i3f9zwIf2a227ZBYZrou31CvcErQDne3VPDQFPZPyNIUog VOHuutOHB0DwbKUEN qc nrIw 26a3qo492w5XQkeGK36R2PAwGjdg 7XR0 bNvJ1OFuFaxxPGvNVSwxdPfLED18-G2cAAETd1trjDemY4hERWbjK_J1y4NCKulzzCwfAdxsDxxf0aC8iTuN96OhpUiXrffw6i_cBW68M_7c4l4FDgC2CVJjTeDyDs3l52OQB-e

http://letoltes.szoftverbazis.hu/5rd8OXmUMyR9tBjWjeh9JA/1462807913/.../picasa39-setup.exe

http://letoltes.szoftverbazis.hu/0ZWXPevNmyKcg4wHTJEFbQ/1464947387/.../picasa39-setup.exe

http://server3.xnavigation.net/dl/zcn1C/623/11605/defa/.../picasa

http://letoltes.szoftverbazis.hu/LX9pRZ_gvCV_t14dCEtNNA/1469793895/.../picasa39-setup.exe

http://letoltes.szoftverbazis.hu/KjIhfP9gZ2tdKqZjamlrOw/1472020418/.../picasa39-setup.exe

http://letoltes.szoftverbazis.hu/HsqjFGhlHcggpCRoA34Rww/1472613104/.../picasa39-setup.exe

http://letoltes.szoftverbazis.hu/a-GtQf4VnXAwTUy_ILV-dw/1462985112/.../picasa39-setup.exe

http://letoltes.szoftverbazis.hu/TABKVKtYV-gQrw2MhdI0wg/1470076327/.../picasa39-setup.exe

http://letoltes.szoftverbazis.hu/O_uLJw0HNv4u3kFkCRsCKw/1456844026/.../picasa39-setup.exe