picexa.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from www.downvsjq.com and multiple other hosts.
MD5:
735549dc4c44be4eaa7bfa8066d15273

SHA-1:
0ee86d6daa910938e4ecd1accf8e79d4cf18590d

SHA-256:
ff3398324759580a4c98b9baf39465464356a60826434f1d14c1243cf21c2136

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 2:58:26 PM UTC  (today)

File size:
21.4 MB (22,459,270 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\picexa.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
393216:Fkou3jgAgvsIo16MB7FD+wmxO+IFLPjrTLYN2NNbI72GHE/gVl:FjNvsIo1/BFmkbFPrTEB72Gkw

Entry point:
37, 7A, BC, AF, 27, 1C, 00, 03, 0F, CB, 01, 69, 41, B3, 56, 01, 00, 00, 00, 00, 25, 00, 00, 00, 00, 00, 00, 00, 54, 3F, DD, DD, 00, 36, 88, 18, CF, 53, E8, 37, 2C, 28, 1C, 3D, B2, AB, C0, DF, 98, 21, FC, 13, 09, 35, C1, 1A, F4, E0, EF, 67, 6C, BB, FB, 89, 59, 33, 0A, C8, AD, 03, 5C, 3E, 10, 6F, BA, 34, 54, DA, E4, CB, 2F, 51, D9, 44, B4, 16, BF, A8, CE, 66, 3E, EF, F1, 1F, 6D, F1, 35, 1C, 46, 19, 3D, F3, AD, A1, 8C, A7, 5C, 6A, 92, F8, 36, 65, A3, E2, 76, 9C, 8D, 4F, 38, 66, 6E, B2, 70, 66, 29, 15, 5A, 91...
 
[+]

The file picexa.exe has been seen being distributed by the following 4 URLs.

http://113.171.224.215/.../picexa.exe

Scan picexa.exe - Powered by Reason Core Security