picpick.exe

PicPick

Wiziple software

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘PicPick Start’. This is installed with PicPick.
Publisher:
NTeWORKS  (signed by Wiziple software)

Product:
PicPick

Version:
3.2.4.0

MD5:
8a9b9ee2705e10a8c4aefda532769fdd

SHA-1:
bad82d4b298f8c0f6db8c62815b02e5508464234

SHA-256:
c1f6c35f071c687d049f950dc09c7849ee351dd54eaac2ffa4c5065201ae67c8

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 7:20:16 PM UTC  (today)

File size:
10.9 MB (11,479,896 bytes)

Product version:
3.0.0.0

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\picpick\picpick.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
9/19/2012 5:30:00 AM

Valid to:
9/20/2013 5:29:59 AM

Subject:
CN=Wiziple software, OU=IT, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Wiziple software, L=Seoul, S=Seoul, C=KR

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
25EB771F5CB956E0421118BBAB072A89

File PE Metadata
Compilation timestamp:
4/5/2013 1:01:23 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
196608:uglb3o08Gj+/LuSD2wZuF3CCBLopGHiOZ7wdf+BOla72LALI7ALXL7:Fi0Nj+/Lug2wZuF0df+Ula72LALI7ALX

Entry address:
0x71AA64

Entry point:
55, 8B, EC, B9, 0A, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 53, 56, 57, B8, 88, AE, B0, 00, E8, 90, 15, 8F, FF, 33, C0, 55, 68, 9C, AE, B1, 00, 64, FF, 30, 64, 89, 20, 8D, 55, EC, B8, 01, 00, 00, 00, E8, BD, 9C, 8E, FF, 8B, 45, EC, BA, B8, AE, B1, 00, E8, D8, DD, 8E, FF, 75, 0A, E8, 41, C3, 8E, FF, E9, CD, 03, 00, 00, 8D, 55, E8, B8, 01, 00, 00, 00, E8, 97, 9C, 8E, FF, 8B, 45, E8, BA, E4, AE, B1, 00, E8, B2, DD, 8E, FF, 75, 0A, E8, 1B, C3, 8E, FF, E9, A7, 03, 00, 00, 8D, 55, E4, B8, 01, 00, 00, 00, E8, 71...
 
[+]

Entropy:
6.3035

Developed / compiled with:
Microsoft Visual C++

Code size:
7.1 MB (7,445,504 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
PicPick Start

Command:
C:\Program Files\picpick\picpick.exe


The file picpick.exe has been discovered within the following program.

PicPick  by NTeWORKS
Publisher's description - “PicPick is an all-in-one program that provides a full-featured screen capture tool, an intuitive image editor, a color picker, a color palette, a pixel- ruler, a protractor, a crosshair and even a whiteboard. This software is distributed as a freeware for personal use only.”
www.picpick.org
About 8% of users remove it
 
Powered by Should I Remove It?

Scan picpick.exe - Powered by Reason Core Security