home

setup.exe

Picasa Updater

Google Inc

This is a self-extracting archive and installer. The file has been seen being downloaded from www.dropbox.com and multiple other hosts.
Publisher:
Google Inc.  (signed by Google Inc)

Product:
Picasa Updater

Description:
Picasa

Version:
3.9.139.1610

MD5:
5ec81e559df45d1e6b2ee0db921eed94

SHA-1:
a951efd3b7c9e5f6e718f7505852b04fba7050e9

SHA-256:
06522d0f68e080c93a75516eaaf2146582c243112ec6f7ba4de4b018f845c602

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)
Whitelisted  (by digital signature)

Analysis date:
11/23/2024 2:25:38 AM UTC  (today)

File size:
16.6 MB (17,385,800 bytes)

Product version:
3.9.0

Copyright:
© 2004-2011 Google Inc.

Original file name:
Picasa Updater

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\google\picasa3\setup.exe

Digital Signature
Signed by:
Google Inc

Authority:
VeriSign, Inc.

Valid from:
1/29/2014 12:00:00 AM

Valid to:
1/29/2016 11:59:59 PM

Subject:
CN=Google Inc, OU=Digital ID Class 3 - Java Object Signing, OU=Digital ID Class 3 - Java Object Signing, O=Google Inc, L=Mountain View, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
2912C70C9A2B8A3EF6F6074662D68B8D

File PE Metadata
Compilation timestamp:
2/13/2015 11:28:59 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
393216:wqCaXpKpxSI566vZAeEEThUu1HMLYwiUd2bjdSL9frCDIhkdhL:wqClGI5Rvo2tb+IdKfgIhkdhL

Entry address:
0x69A7

Entry point:
E8, 2B, 4B, 00, 00, E9, 16, FE, FF, FF, 8B, 44, 24, 04, 33, C9, 3B, 04, CD, 70, 80, 41, 00, 74, 12, 41, 83, F9, 2D, 72, F1, 8D, 48, ED, 83, F9, 11, 77, 0C, 6A, 0D, 58, C3, 8B, 04, CD, 74, 80, 41, 00, C3, 05, 44, FF, FF, FF, 6A, 0E, 59, 3B, C8, 1B, C0, 23, C1, 83, C0, 08, C3, E8, 4E, 21, 00, 00, 85, C0, 75, 06, B8, D8, 81, 41, 00, C3, 83, C0, 08, C3, E8, 3B, 21, 00, 00, 85, C0, 75, 06, B8, DC, 81, 41, 00, C3, 83, C0, 0C, C3, 56, E8, E7, FF, FF, FF, 8B, 4C, 24, 08, 51, 89, 08, E8, 8D, FF, FF, FF, 59, 8B, F0...
 
[+]

Entropy:
7.9953  (probably packed)

Code size:
72 KB (73,728 bytes)

The file setup.exe has been seen being distributed by the following 50 URLs.

https://www.dropbox.com/pri/.../picasa39-setup.exe

http://filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

http://lb.cdn.m6web.fr/d/c/a/ecdae80eea4e8a83e5c62a00757cb19a/556d7dfc/soft/.../picasa_3-9-139-161_fr_12684.exe

https://download.heise.de/software/b8046db0e681186356c114c9a7e31a30/5548d299/.../picasa39-setup.exe

http://dw.html.it/index.php?softname=picasa_3.9.139_Build_161-setup.exe&code=1486574812&q=ODE5MjZ8cGljYXNhLTEx

http://filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

http://lb.cdn.m6web.fr/d/c/a/854bdda8342d571164aebdf38440fff4/550fb062/soft/.../picasa_3-9-139-161_fr_12684.exe

http://www.filehippo.com/download/file/.../

http://dw.html.it/index.php?softname=picasa_3.9.139_Build_161-setup.exe&code=1480245455&q=ODE5MjZ8cGljYXNhLTEx

https://mediabinn.com/binary_download.php?guid=06522d0f68e080c93a75516eaaf2146582c243112ec6f7ba4de4b018f845c602

http://filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

http://software.thaiware.com/download_url.php?id=10662

http://filehippo.com/download/file/.../

http://www.edownload.cz/sw/picasa-3/download/.../

http://r2.computerbild.de/exec/r2r.pl?m=w-cobi;u=http://d.computerbild.de/downloads/.../picasa39-setup.exe

http://filehippo.com/download/file/.../

temp:setup.exe

http://www.classic-programs.com/classic/prog/.../picasa39-setup.exe

http://filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

http://filehippo.com/download/file/.../

Latest 30 of 132 download URLs

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.