home

picexa0709.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from dl0529.puphelp.com and multiple other hosts.
MD5:
21d9235733d944eb93d13033c4da5e37

SHA-1:
0ec13fe1440bad991a2cd13900aeea8b2e68c767

SHA-256:
e1939713a3e1ba99aeca03457b59c98460af5c51526d2df4d98f316103e9c880

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/27/2024 8:08:07 PM UTC  (today)

File size:
20 MB (20,922,422 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\content.ie5\rj7vqkyp\picexa0709.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
393216:238wLhD4l6dxj9TIQ8nV4xT4L5SnGefxfFn25NrDsJ/EPEwcro4kFI/ckfrhqxA9:7/l6dPTIbQ8LSfN25pyd0qUkf9qGka

Entry point:
37, 7A, BC, AF, 27, 1C, 00, 03, 30, 8A, AD, 36, F1, 3F, 3F, 01, 00, 00, 00, 00, 25, 00, 00, 00, 00, 00, 00, 00, 67, 34, C0, 29, 00, 36, 88, 18, CF, 53, E8, 37, 2C, 28, 12, 21, 5A, F5, FF, F6, ED, 5B, 24, 77, 6F, B9, 03, 68, FD, 5A, 1E, CC, 78, 44, 56, 81, 8F, 0A, B6, 31, 04, 00, 97, 36, E9, E6, 95, 32, E2, D9, 02, 93, 9F, 08, BA, A0, 40, 32, 7D, F3, F1, CC, 43, 76, A8, 10, 44, 0C, AC, 8A, 7B, 9A, 28, EB, 84, DA, F5, 38, A3, 6A, D2, 07, 5A, ED, 76, B9, C4, 33, B2, 38, 50, 11, 4E, 65, 9A, 2C, 63, 90, 0E, 37...
 
[+]

Entropy:
8.0000  (probably packed)

The file picexa0709.exe has been seen being distributed by the following 2 URLs.

http://dl0529.puphelp.com/download/.../picexa0709.exe

http://113.171.224.205/.../picexa0709.exe

Scan picexa0709.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.