× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 5209e0a7a7cc4fae87f411825192c4f74b509cdea2d61599b9b6c6b6a42fdb08
File name: Paint.exe
Detection ratio: 2 / 41
Analysis date: 2009-11-26 07:47:12 UTC ( 7 years, 10 months ago ) View latest
Antivirus Result Update
Comodo Heur.Suspicious 20091126
NOD32 probably unknown NewHeur_PE 20091125
a-squared 20091126
AhnLab-V3 20091126
AntiVir 20091125
Antiy-AVL 20091126
Authentium 20091126
Avast 20091125
AVG 20091125
BitDefender 20091126
CAT-QuickHeal 20091126
ClamAV 20091126
DrWeb 20091126
eSafe 20091124
eTrust-Vet 20091125
F-Prot 20091125
F-Secure 20091124
Fortinet 20091126
GData 20091126
Ikarus 20091126
Jiangmin 20091126
K7AntiVirus 20091125
Kaspersky 20091126
McAfee 20091125
McAfee+Artemis 20091125
McAfee-GW-Edition 20091126
Microsoft 20091126
Norman 20091125
nProtect 20091125
Panda 20091125
PCTools 20091126
Prevx 20091126
Rising 20091126
Sophos AV 20091126
Sunbelt 20091126
Symantec 20091126
TheHacker 20091125
TrendMicro 20091126
VBA32 20091126
ViRobot 20091126
VirusBuster 20091125
The file being studied is a Portable Executable file! More specifically, it is a unknown file.
FileVersionInfo properties
Publisher Microsoft Corporation
Product Microsoft Windows Operating System
Original name Paint.exe
Internal name Paint
File version 5.01.0260
PE header basic information
Number of sections 3
PE sections
PE imports
_CIcos
_adj_fptan
__vbaStrI4
__vbaVarMove
__vbaVarVargNofree
__vbaFreeVar
__vbaAryMove
__vbaLenBstr
__vbaStrVarMove
__vbaEnd
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
__vbaStrErrVarCopy
_adj_fprem1
__vbaRecAnsiToUni
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaAryDestruct
__vbaVarForInit
__vbaExitProc
__vbaObjSet
__vbaOnError
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
__vbaBoolVar
_CIsin
__vbaErase
__vbaVargVarMove
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
__vbaGenerateBoundsError
__vbaStrCmp
__vbaAryConstruct2
__vbaVarTstEq
__vbaPutOwner3
__vbaI2I4
DllFunctionCall
__vbaFpUI1
__vbaLbound
__vbaRedimPreserve
_adj_fpatan
__vbaRedim
__vbaRecUniToAnsi
EVENT_SINK_Release
__vbaNew
__vbaUI1I2
_CIsqrt
EVENT_SINK_QueryInterface
__vbaUI1I4
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
__vbaFPException
__vbaStrVarVal
__vbaUbound
__vbaGetOwner3
__vbaVarCat
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaVar2Vec
__vbaNew2
__vbaInStr
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
__vbaI4Var
__vbaAryLock
__vbaVarAdd
__vbaVarDup
__vbaStrToAnsi
__vbaVarCopy
_CIatan
__vbaStrMove
__vbaStrVarCopy
_allmul
_CItan
__vbaAryUnlock
__vbaVarForNext
_CIexp
__vbaFreeObj
__vbaFreeStr
25 more function(s) imported by ordinal)
Overlay parents
File identification
MD5 176288f6f22a80c76329853f8535d45b
SHA1 8fc3df6d92b257b06299bcedb3c2d4f1ef107afe
SHA256 5209e0a7a7cc4fae87f411825192c4f74b509cdea2d61599b9b6c6b6a42fdb08
ssdeep
1536:sFpv+7SIA5z/qXuOzrVzInAN+ZnVKi93qh1lPz:sFpv+7x0qewrxQGQpyz

File size 92.0 KB ( 94209 bytes )
File type unknown
Magic literal

TrID Win32 Executable Microsoft Visual Basic 6 (86.2%)
Win32 Executable Generic (5.8%)
Win32 Dynamic Link Library (generic) (5.1%)
Generic Win/DOS Executable (1.3%)
DOS Executable Generic (1.3%)
VirusTotal metadata
First submission 2009-09-11 00:13:31 UTC ( 8 years ago )
Last submission 2010-09-02 05:27:55 UTC ( 7 years ago )
File names paint.exe
0DJbiKgNW.jpeg
Behaviour characterization
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!