× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 5209e0a7a7cc4fae87f411825192c4f74b509cdea2d61599b9b6c6b6a42fdb08
File name: Paint.exe
Detection ratio: 2 / 41
Analysis date: 2009-11-26 07:47:12 UTC ( 4 years, 5 months ago ) View latest
Antivirus Result Update
Comodo Heur.Suspicious 20091126
NOD32 probably unknown NewHeur_PE 20091125
AVG 20091125
AhnLab-V3 20091126
AntiVir 20091125
Antiy-AVL 20091126
Authentium 20091126
Avast 20091125
BitDefender 20091126
CAT-QuickHeal 20091126
ClamAV 20091126
DrWeb 20091126
F-Prot 20091125
F-Secure 20091124
Fortinet 20091126
GData 20091126
Ikarus 20091126
Jiangmin 20091126
K7AntiVirus 20091125
Kaspersky 20091126
McAfee 20091125
McAfee+Artemis 20091125
McAfee-GW-Edition 20091126
Microsoft 20091126
Norman 20091125
PCTools 20091126
Panda 20091125
Prevx 20091126
Rising 20091126
Sophos 20091126
Sunbelt 20091126
Symantec 20091126
TheHacker 20091125
TrendMicro 20091126
VBA32 20091126
ViRobot 20091126
VirusBuster 20091125
a-squared 20091126
eSafe 20091124
eTrust-Vet 20091125
nProtect 20091125
The file being studied is a Portable Executable file! More specifically, it is a unknown file.
Authenticode signature block
Publisher Microsoft Corporation
Product Microsoft Windows Operating System
Original name Paint.exe
Internal name Paint
File version 5.01.0260
PE header basic information
Number of sections 3
PE sections
PE imports
_CIcos
_adj_fptan
__vbaStrI4
__vbaVarMove
__vbaVarVargNofree
__vbaFreeVar
__vbaAryMove
__vbaLenBstr
__vbaStrVarMove
__vbaEnd
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
__vbaStrErrVarCopy
_adj_fprem1
__vbaRecAnsiToUni
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaAryDestruct
__vbaVarForInit
__vbaExitProc
__vbaObjSet
__vbaOnError
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
__vbaBoolVar
_CIsin
__vbaErase
__vbaVargVarMove
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
__vbaGenerateBoundsError
__vbaStrCmp
__vbaAryConstruct2
__vbaVarTstEq
__vbaPutOwner3
__vbaI2I4
DllFunctionCall
__vbaFpUI1
__vbaLbound
__vbaRedimPreserve
_adj_fpatan
__vbaRedim
__vbaRecUniToAnsi
EVENT_SINK_Release
__vbaNew
__vbaUI1I2
_CIsqrt
EVENT_SINK_QueryInterface
__vbaUI1I4
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
__vbaFPException
__vbaStrVarVal
__vbaUbound
__vbaGetOwner3
__vbaVarCat
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaVar2Vec
__vbaNew2
__vbaInStr
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
__vbaI4Var
__vbaAryLock
__vbaVarAdd
__vbaVarDup
__vbaStrToAnsi
__vbaVarCopy
_CIatan
__vbaStrMove
__vbaStrVarCopy
_allmul
_CItan
__vbaAryUnlock
__vbaVarForNext
_CIexp
__vbaFreeObj
__vbaFreeStr
25 more function(s) imported by ordinal)
File identification
MD5 176288f6f22a80c76329853f8535d45b
SHA1 8fc3df6d92b257b06299bcedb3c2d4f1ef107afe
SHA256 5209e0a7a7cc4fae87f411825192c4f74b509cdea2d61599b9b6c6b6a42fdb08
ssdeep
1536:sFpv+7SIA5z/qXuOzrVzInAN+ZnVKi93qh1lPz:sFpv+7x0qewrxQGQpyz

File size 92.0 KB ( 94209 bytes )
File type unknown
Magic literal

TrID Win32 Executable Microsoft Visual Basic 6 (86.2%)
Win32 Executable Generic (5.8%)
Win32 Dynamic Link Library (generic) (5.1%)
Generic Win/DOS Executable (1.3%)
DOS Executable Generic (1.3%)
VirusTotal metadata
First submission 2009-09-11 00:13:31 UTC ( 4 years, 7 months ago )
Last submission 2010-09-02 05:27:55 UTC ( 3 years, 7 months ago )
File names paint.exe
Behaviour characterization
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!