realistic brushes paint tool sai pack.exe

ThinPrint Virtual Channel Gateway

PORT PROM

The executable realistic brushes paint tool sai pack.exe, “ThinPrint Virtual Channel Gateway Service”, has been detected as malware by 1 anti-virus scanner.
Publisher:
Cortado AG  (signed by PORT PROM)

Product:
ThinPrint Virtual Channel Gateway

Description:
ThinPrint Virtual Channel Gateway Service

Version:
8,6,239,2

MD5:
eb2790c1b690906a506a126c521eafa2

SHA-1:
97497d0cceb6757d8fd195257274c91edf0c4078

SHA-256:
f441a17fa8eca3410acbaa35f48be1f1789d72b2c1225aacbe9f1de9f261f008

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
11/6/2024 7:48:06 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP (M)

Engine version:
17.2.23.23

File size:
597.5 KB (611,816 bytes)

Product version:
8,6,239,2

Copyright:
Copyright (c) 2000-2012 Cortado AG

Original file name:
TPVCGateway.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\realistic brushes paint tool sai pack.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
7/7/2016 3:00:00 AM

Valid to:
7/8/2017 2:59:59 AM

Subject:
CN=PORT PROM, O=PORT PROM, STREET="d. 33 str. 1, ul.1-Ya Brestskaya", L=Moscow, S=Moscow, PostalCode=125047, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00ED626D75C5323A188C6E74611FD410E9

File PE Metadata
Compilation timestamp:
7/21/2016 11:15:10 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

Entry address:
0x2C00

Entry point:
55, 8B, EC, 81, EC, BC, 02, 00, 00, 53, 56, 57, C6, 85, 67, FF, FF, FF, 1D, EB, 02, CD, 4F, EB, 02, 87, F7, 68, 23, 2C, 40, 00, C3, CD, 83, EB, 01, 55, 8B, C0, 68, 30, 2C, 40, 00, C3, 33, DD, 68, 37, 2C, 40, 00, C3, 56, EB, 02, 2B, E3, C1, E8, 00, 68, F8, 53, 48, 00, FF, 15, 80, 00, 48, 00, 68, 17, 17, 00, 00, A1, 14, 6B, 48, 00, 50, FF, 15, EC, 04, 48, 00, 85, C0, 74, 05, E8, 9D, FF, FF, FF, 8B, 0D, 14, 6B, 48, 00, 51, FF, 15, 74, 00, 48, 00, 8B, 95, 5C, FF, FF, FF, 2B, 95, 58, FF, FF, FF, 89, 95, 58, FF...
 

Developed / compiled with:
Microsoft Visual C++

Code size:
504.5 KB (516,608 bytes)
