» picturerelatesetuptmp536f4ad2.exe
Overview
Analysis
File Details
Behaviors (1)
Programs (1)
Downloads (1)

picturerelatesetuptmp536f4ad2.exe

This is a setup program which is used to install the application. This is the uninstaller utility registered in the Windows Control Panel for the program PictureRelate by Axel Walthelm. The file has been seen being downloaded from www.pctipp.ch.

File name:

MD5:

5a53eb934679ca954fa0c7042b680e9c

SHA-1:

bd44ec823ef9ef9e702b0f493cf8d9c49a1b7a10

SHA-256:

c5dc0402bffbf9181c459b36c8898a09c78d17fa67d34e92f7f3f95c369589be

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

4/23/2024 7:00:21 PM UTC (today)

File size:

616 KB (630,784 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\local\temp\picturerelatesetuptmp536f4ad2.exe

File PE Metadata

Compilation timestamp:

8/5/2012 7:47:26 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

12288:vv0JInIT7e49RTsq8U+rm9iixY3a13LwWjywO3oWaJ/OdMEJDcNdRH:vvQInITa49RTZ8UO6i9K1UWmwson/gAJ

Entry address:

0xCC9C

Entry point:

55, 8B, EC, 6A, FF, 68, 50, B0, 41, 00, 68, 6C, 25, 41, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, 34, 81, 41, 00, 33, D2, 8A, D4, 89, 15, 54, 16, 42, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, 50, 16, 42, 00, C1, E1, 08, 03, CA, 89, 0D, 4C, 16, 42, 00, C1, E8, 10, A3, 48, 16, 42, 00, 33, F6, 56, E8, B4, 0B, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, B0, 00, 00, 00, 59, 89, 75, FC, E8, 04, 4E, 00, 00, FF, 15, BC, 81, 41, 00, A3, C8, 2C, 42, 00, E8... 
[+]

Entropy:

7.7375

Developed / compiled with:

Microsoft Visual C++ v6.0

Code size:

92 KB (94,208 bytes)

Program Uninstaller

Program name:

PictureRelate

Display publisher:

Axel Walthelm

Display version:

2.6.3 D

Uninstall string:

C:\Program Files (x86)\PictureRelate\setup-picture-relate.exe

The file picturerelatesetuptmp536f4ad2.exe has been discovered within the following program.

PictureRelate by Axel Walthelm

www.walthelm.net/picture-relate/de

About 1% of users remove it

The file picturerelatesetuptmp536f4ad2.exe has been seen being distributed by the following URL.

http://www.pctipp.ch/fileadmin/media/downloads/.../33948_setup-picture-relate-263-de.exe

Scan picturerelatesetuptmp536f4ad2.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.