SHA256: 795a49ff3548f3b2cae08fd5bff4b6c91fed95a8feb4a67c5c25b37eb956cb7f
File name: zuud.exe
Detection ratio: 1 / 53
Analysis date: 2016-07-20 15:56:10 UTC ( 2 years, 8 months ago )
Antivirus Result Update
Qihoo-360 QVM03.0.Malware.Gen 20160720
Ad-Aware 20160720
AegisLab 20160720
AhnLab-V3 20160720
Alibaba 20160720
ALYac 20160720
Antiy-AVL 20160720
Arcabit 20160720
Avast 20160720
AVG 20160720
Avira (no cloud) 20160720
AVware 20160720
Baidu 20160720
BitDefender 20160720
Bkav 20160720
CAT-QuickHeal 20160720
ClamAV 20160720
CMC 20160715
Comodo 20160720
Cyren 20160720
DrWeb 20160720
Emsisoft 20160720
ESET-NOD32 20160720
F-Prot 20160720
F-Secure 20160720
Fortinet 20160720
GData 20160720
Ikarus 20160720
Jiangmin 20160720
K7AntiVirus 20160720
K7GW 20160720
Kaspersky 20160720
Kingsoft 20160720
Malwarebytes 20160720
McAfee 20160720
McAfee-GW-Edition 20160720
Microsoft 20160720
eScan 20160720
NANO-Antivirus 20160720
nProtect 20160720
Panda 20160720
Sophos AV 20160720
SUPERAntiSpyware 20160720
Symantec 20160720
Tencent 20160720
TheHacker 20160720
TrendMicro 20160720
TrendMicro-HouseCall 20160720
VBA32 20160720
VIPRE 20160720
ViRobot 20160720
Zillya 20160720
Zoner 20160720
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
none

Product Paint
Original name Paint.exe
Internal name Paint
File version 1.00
Description A simple paint program..but you cant save (Im working on it)
Comments I made it cause i was board...more options to come soon.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-01-09 23:40:37
Entry Point 0x00002A9C
Number of sections 3
PE sections
PE imports
_adj_fdivr_m64
Ord(546)
Ord(518)
__vbaGenerateBoundsError
_allmul
_adj_fprem
Ord(596)
__vbaStopExe
__vbaVarAnd
Ord(537)
__vbaCopyBytes
_adj_fdiv_r
__vbaObjSetAddref
Ord(100)
__vbaHresultCheckObj
__vbaI2Var
__vbaR8Str
_CIlog
Ord(595)
_adj_fptan
Ord(581)
__vbaI4Var
Ord(608)
__vbaFreeStr
__vbaR4Var
__vbaStrI2
__vbaStrI4
__vbaFreeStrList
__vbaI2I4
_adj_fdiv_m16i
EVENT_SINK_QueryInterface
__vbaFpUI1
_adj_fdiv_m32i
__vbaExceptHandler
__vbaSetSystemError
DllFunctionCall
__vbaFreeVar
__vbaBoolVarNull
Ord(588)
Ord(571)
_CIsin
EVENT_SINK_Release
__vbaVarTstEq
Ord(680)
__vbaOnError
_adj_fdivr_m32i
Ord(541)
__vbaVarDup
__vbaChkstk
__vbaStrCmp
__vbaFreeObjList
__vbaVarForNext
__vbaFreeVarList
__vbaStrVarMove
__vbaCastObj
__vbaExitProc
Ord(542)
__vbaAryConstruct2
__vbaFreeObj
_adj_fdivr_m32
__vbaStrVarVal
__vbaDateR8
_CIcos
__vbaVarMove
__vbaErrorOverflow
__vbaNew2
__vbaAryDestruct
__vbaStrMove
_adj_fprem1
_adj_fdiv_m32
__vbaI4Abs
__vbaVarCmpEq
_adj_fpatan
EVENT_SINK_AddRef
__vbaVarForInit
__vbaStrCopy
__vbaFPException
_adj_fdivr_m16i
_adj_fdiv_m64
Ord(561)
__vbaUI1I2
_CIsqrt
_CIatan
Ord(692)
__vbaObjSet
__vbaVarCat
_CIexp
_CItan
__vbaFpI4
__vbaFpI2
Number of PE resources by type
RT_ICON 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 2
ENGLISH US 1
PE resources
ExifTool file metadata
LegalTrademarks
none

SubsystemVersion
4.0

Comments
I made it cause i was board...more options to come soon.

LinkerVersion
6.0

ImageVersion
1.0

FileSubtype
0

FileVersionNumber
1.0.0.0

LanguageCode
English (U.S.)

FileFlagsMask
0x0000

FileDescription
A simple paint program..but you cant save (Im working on it)

CharacterSet
Unicode

InitializedDataSize
12288

EntryPoint
0x2a9c

OriginalFileName
Paint.exe

MIMEType
application/octet-stream

LegalCopyright
none

FileVersion
1.0

TimeStamp
2013:01:09 23:40:37+00:00

FileType
Win32 EXE

PEType
PE32

InternalName
Paint

ProductVersion
1.0

UninitializedDataSize
0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
The Nut House

CodeSize
221184

ProductName
Paint

ProductVersionNumber
1.0.0.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 1cd8596ce04228e72561153c8f71924b
SHA1 e3f4677204d792168ec6fd808ef27a5c1fe206e7
SHA256 795a49ff3548f3b2cae08fd5bff4b6c91fed95a8feb4a67c5c25b37eb956cb7f
ssdeep
6144:RkdrYJIaveDMHOX2uURc0rPJRrPoECK8:er8WAHOX2xRc0VRbo7K

authentihash d087c81d64729c5be065625870728dfc648e87e5a9db64f6184a639e02804c30
imphash d74e62da8d1ae24cad980a7f5f980545
File size 228.0 KB ( 233472 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable Microsoft Visual Basic 6 (68.2%)
Win64 Executable (generic) (22.9%)
Win32 Executable (generic) (3.7%)
OS/2 Executable (generic) (1.6%)
Generic Win/DOS Executable (1.6%)
Tags
peexe

VirusTotal metadata
First submission 2016-07-20 15:56:10 UTC ( 2 years, 8 months ago )
Last submission 2018-05-21 06:47:31 UTC ( 10 months ago )
File names Paint
1cd8596ce04228e72561153c8f71924b.vir
zuud.exe
Paint.exe