px2yac.exe

equal max

The application px2yac.exe has been detected as a potentially unwanted program by 10 anti-malware scanners. The file has been observed being downloaded from dl.picexa.com.

Publisher:
equal max

Product:
equal max

Version:
9.1.9.27

MD5:
533d2cc4524a445a565a4a85e59dc5c7

SHA-1:
92ac6ad4be08a8ddae06bd334e06d972a3a58768

SHA-256:
70e873df7b6b39a7d6d211ed123467ef6ddda6391be51e826887754323788924

Scanner detections:
10 / 68

Status:
Potentially unwanted

Analysis date:
12/27/2024 8:49:55 PM UTC

Scan engine
Detection
Engine version

avast!
Win32:Vitro
160414-2

Dr.Web
Win32.Virut.56
9.0.1.05190

Emsisoft Anti-Malware
Adware.Adload.Y
11.5.0.6191

ESET NOD32
Win32/Virut.NBP virus
8.0.319.0

F-Prot
W32/Virut.AI!Generic
4.6.5.141

Kaspersky
Virus.Win32.Virut
15.0.0.562

McAfee
Virus.W32/Virut.n.gen
18.0.204.0

Microsoft Security Essentials
Threat.Undefined
1.223.15.0

Norman
Adware.Adload.Y
19.05.2016 05:17:13

VIPRE Antivirus
Threat.4120919
49494

File size:
396.5 KB (406,016 bytes)

Product version:
9.1.9.27

Copyright:
Copyright (C) equal max

Original file name:
equal max

File type:
Executable application (Win32 EXE)

Language:
Chinese (Simplified, PRC)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\px2yac.exe

File PE Metadata
Compilation timestamp:
12/29/2037 5:46:16 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

CTPH (ssdeep):
6144:5/sY/7nEjpRczeh8XihI+qr2YwbYHUEvMasl4:5L/wVRaehqTj2D0bvMr

Entry address:
0x66BDF

Entry point:
83, EC, 30, 90, 09, ED, 60, 83, C4, 24, 8A, FF, 0F, 84, 96, 00, 00, 00, BE, C2, B1, A1, C4, 90, E8, E1, 4B, 00, 00, 8B, 5C, 24, FC, B3, 00, 38, C6, 83, EB, 1E, F6, D2, 66, 83, EB, 62, 75, F5, 8A, C8, 8D, 3E, 86, E5, 0F, B7, 53, 3C, 81, D2, 2B, EE, FF, FF, 8A, E3, 79, E1, 86, C5, 98, 90, B1, 3B, 8B, 94, 1A, D6, 11, 00, 00, 87, C9, 66, 83, F2, 45, 75, CC, 8D, 0A, 8B, FF, 68, 64, 22, D5, 6A, E8, B1, 4B, 00, 00, 89, 74, 24, 44, 8D, 39, 83, C9, 85, 80, C4, 13, E8, 53, FE, FF, FF, 89, 44, 24, 34, F6, D5, 83, F8...
Entropy:
5.7959

Code size:
193.5 KB (198,144 bytes)

The file px2yac.exe has been seen being distributed by the following URL.
