home

pixplant2photoshop.exe

PixPlant for Photoshop

FaronStudio Unipessoal Lda

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from gsf-cf.softonic.com and multiple other hosts.
Publisher:
PixPlant   (signed by FaronStudio Unipessoal Lda)

Product:
PixPlant for Photoshop

Description:
PixPlant for Photoshop Setup

Version:
2.1.68

MD5:
1215dae0cf7f6cf9885666ec9a343465

SHA-1:
8ddf95e014e27921d2705a7c59af5e926e440b23

SHA-256:
5d59c434dd6717e4b06eb95cfa0ff094c81c2ad2b8d864c54c81ad4884d5356f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/7/2024 5:55:36 AM UTC  (today)

File size:
20.9 MB (21,948,472 bytes)

Product version:
2.1.68

Copyright:
Copyright FaronStudio Unip Lda

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\pixplant2photoshop.exe

Digital Signature
Signed by:
FaronStudio Unipessoal Lda

Authority:
COMODO CA Limited

Valid from:
8/6/2012 5:30:00 AM

Valid to:
8/7/2015 5:29:59 AM

Subject:
CN=FaronStudio Unipessoal Lda, OU=PixPlant, O=FaronStudio Unipessoal Lda, STREET="Esc. Olarias, 7 - 1. DT", L=Lisbon, S=Lisbon, PostalCode=1100-375 Lisbon, C=PT

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00AEDAC7540639BF05933E7152E5E0E9A7

File PE Metadata
Compilation timestamp:
7/9/2012 7:11:29 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
393216:ZyccLfHA2WDmmapeuwve8dwwtG1tVi7ak3ZrKCnJFYc15mEhtuUrAL6:Zy7Anmmjuw3w6dnJic15thgiq6

Entry address:
0x16478

Entry point:
55, 8B, EC, 83, C4, A4, 53, 56, 57, 33, C0, 89, 45, C4, 89, 45, C0, 89, 45, A4, 89, 45, D0, 89, 45, C8, 89, 45, CC, 89, 45, D4, 89, 45, D8, 89, 45, EC, B8, B8, 52, 41, 00, E8, AC, 03, FF, FF, 33, C0, 55, 68, 45, 6B, 41, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, 01, 6B, 41, 00, 64, FF, 32, 64, 89, 22, A1, 48, AB, 41, 00, E8, 56, EC, FF, FF, E8, FD, E7, FF, FF, 8D, 55, EC, 33, C0, E8, 7F, 84, FF, FF, 8B, 55, EC, B8, E8, D6, 41, 00, E8, E2, E9, FE, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E8, D6, 41, 00, B2, 01...
 
[+]

Entropy:
7.9994

Developed / compiled with:
Microsoft Visual C++

Code size:
84 KB (86,016 bytes)

The file pixplant2photoshop.exe has been seen being distributed by the following 2 URLs.

http://gsf-cf.softonic.com/8dd/f95/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3350762&instance=softonic_en&type=PROGRAM&Expires=1470548807&Signature=VvP6dIMkN0n7NuBBFvi9bMECRViFFoO9o4Y3Q~cGlbEcqzRxZwC77aQ2Ec~4oOZNSIrmOr4GYufMBz~0MBqBUyLaZAd175iNxinVO3AtZqtgjZII4XB948yXkiaqbBH84YcAm40Ofgksk80dtC~bRsRKaG9YEVl6BnLPpEQ2eyg_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=PixPlant2Photoshop.exe

http://gsf-cf.softonic.com/8dd/f95/.../file?SD_used=0&channel=WEB&fdh=no&id_file=3350762&instance=softonic_en&type=PROGRAM&Expires=1469554581&Signature=OcEVc43~anBvV3LSQuSSWvVsCl9ftiehjmgpf0vFnFYFtDbGWEzZMGOtQ3xlBMO3i8m290L0MyLW8pXkEIPEIPPd8ilVSdXMgoN48w7uEWErhjYNBlqXOs3iXwFoVXykGsP5nsHILwEsTRNlqJJ5Hkld5VmqVK3Rg-k8Fsbwgb0_&Key-Pair-Id=APKAJUA62FNWTI37JTGQ&filename=PixPlant2Photoshop.exe

Scan pixplant2photoshop.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.