picexa1224.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from 113.171.224.210 and multiple other hosts.
MD5:
51af178d17c0f25c202a4e2d00b6312f

SHA-1:
e8281c9fcab65545553072454c3bf2c31afbb92e

SHA-256:
466e2bb4db69cabe036f60455f2f1faa72f22c846701b326cd377154d1a02936

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 7:21:13 PM UTC  (today)

File size:
26.3 MB (27,595,754 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\picexa1224.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
786432:4m9+1IltJRjReeNidqEPhaPFkjhJ9ECacxFJ:4mr1UeNizUFwJ9j

Entry point:
37, 7A, BC, AF, 27, 1C, 00, 03, 1C, DA, EC, 09, A6, 13, A5, 01, 00, 00, 00, 00, 24, 00, 00, 00, 00, 00, 00, 00, A6, 92, CB, 40, 00, 36, 88, 18, CF, 53, E8, 37, 2C, 28, 4B, C6, 5F, 0A, 00, 0E, F3, FC, 80, BF, 66, F0, C9, AA, 18, 40, B8, C7, 6E, 73, DA, F8, CA, 0E, 02, 6D, 22, 52, 9B, EC, 0C, 8F, CC, 35, 4D, 78, A7, A3, 02, 94, 3F, 08, F3, 11, AD, 57, 3B, D7, 9B, F4, 84, 0C, B1, E7, 63, CA, BA, 5C, 6B, 2D, D8, 22, 5E, 29, 58, B6, 7D, 56, 71, 15, 66, 4C, 27, 8E, EC, 0A, 00, 1E, 10, 0A, ED, AE, 18, DD, 18, C2...
 
[+]

The file picexa1224.exe has been seen being distributed by the following 3 URLs.

http://113.171.224.210/.../picexa1224.exe

http://113.171.224.177/.../picexa1224.exe

Scan picexa1224.exe - Powered by Reason Core Security