picexa0529.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from 113.171.224.166 and multiple other hosts.

MD5:
dbb8b79c51bddfa1724899598101561e

SHA-1:
3b580cf857e8aa9b42f8b302bc96b39f7726f85e

SHA-256:
eb71fdb56bb3855784eb542c97cfbd6c34f00f570f51b956a8dd3920b3c7336e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/22/2025 3:56:30 PM UTC

File size:
21.2 MB (22,187,411 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\content.ie5\edso2x5t\picexa0529.exe

File PE Metadata

OS bitness:
Win64

CTPH (ssdeep):
393216:Nm3gooCzkkubNFAxVXjMq0L06O1VVUqNcmz9bM0Y+HSTWH1mbpcP1hA9hXIhzp08:NfooC5WWN8tO1/UqNcC/1y6H1mbpm1h9

Entry point:
37, 7A, BC, AF, 27, 1C, 00, 03, 86, 8D, 6E, 95, 4E, 8D, 52, 01, 00, 00, 00, 00, 25, 00, 00, 00, 00, 00, 00, 00, 9A, A1, 00, 91, 00, 36, 88, 18, CF, 53, E8, 37, 2C, 27, E8, 76, 91, 23, A6, 7C, D6, 84, AF, E6, E4, DE, D3, 77, 17, 40, EA, FA, 9D, 0A, 7D, A7, C9, 4E, E5, 38, 35, 9B, 3B, BB, 14, 7C, DC, C4, 3B, D6, AF, A3, AD, A4, 75, 20, 45, 30, F0, C2, CF, 4E, 82, D2, 8C, DB, 68, 7C, 22, 18, BB, 30, D4, 04, 9F, 3C, 0C, 3C, 95, EF, 9C, 69, E6, 82, 61, AE, BF, 00, E3, DF, 64, D2, 73, 91, 56, 9C, 23, 30, 32, D7...
 
Entropy:
8.0000  (probably packed)

The file picexa0529.exe has been seen being distributed by the following 2 URLs.

http://113.171.224.166/.../picexa0529.exe
