AAUI.exe

AAUI Application

Baidu Japan

This file is installed with the program Baidu IME 2.8.
Publisher:
Baidu Japan  (signed and verified)

Product:
AAUI Application

Version:
2, 8, 0, 2

MD5:
7d8b4fd452c40ee2359f3177391d8152

SHA-1:
1b66a4c134c9f649cf3cfdd022b982ba18a31137

SHA-256:
b7be2f815f98a3fc2de26555ab7df16ed2b0da1c875b9b4e23e5bbbd18c00b81

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
2/16/2014 7:03:19 AM UTC  (two months ago)

Scan engine
Detection
Engine version

ByteHero BDV
Trojan-Downloader.win32.Small.gen.105
12.23.2013.10

File size:
795.2 KB (814,272 bytes)

Product version:
2, 8, 0, 2

Copyright:
Copyright (C) 2012

Original file name:
AAUI.exe

File type:
Executable application (Win32 EXE)

Language:
Chinese (Simplified, PRC)

Common path:
C:\Program Files\baidu\ime\2.8.1.6\aaui.exe

Digital Signature
Signed by:

Authority:
GlobalSign nv-sa

Valid from:
12/7/2011 4:44:18 AM

Valid to:
12/5/2014 12:41:15 PM

Subject:
E=info_jp@baidu.com, CN=Baidu Japan, OU=Business Development, O=Baidu Japan, L="Roppogi Hills Mori tower 20F, 6-10-1,Roppogi,Minato-ku", S=Tokyo, C=JP

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121FBE8004EAD7CC599B089A51556C81840

File PE Metadata
Compilation timestamp:
12/10/2012 1:08:51 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:kktvOaRQSr6Az/6dlRTRwzNcTW0yQYeLX6:pJCAu5RMcTXyQHK

Entry address:
0x38916

Entry point:
E8, C8, 89, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 33, C0, 39, 45, 0C, 76, 11, 8B, 4D, 08, 66, 83, 39, 00, 74, 08, 40, 41, 41, 3B, 45, 0C, 72, F2, 5D, C3, 6A, 10, 68, 50, AE, 49, 00, E8, 41, 21, 00, 00, 8B, 5D, 08, 85, DB, 75, 0E, FF, 75, 0C, E8, A2, F0, FF, FF, 59, E9, CC, 01, 00, 00, 8B, 75, 0C, 85, F6, 75, 0C, 53, E8, B2, EF, FF, FF, 59, E9, B7, 01, 00, 00, 83, 3D, B8, 7A, 4A, 00, 03, 0F, 85, 93, 01, 00, 00, 33, FF, 89, 7D, E4, 83, FE, E0, 0F, 87, 8A, 01, 00, 00, 6A, 04, E8, 29, 56, 00, 00, 59...
 
[+]

Entropy:
6.7267

Code size:
535 KB (547,840 bytes)

The file aaui.exe has been discovered within the following program.

Baidu IME 2.8  by Baidu Japan Inc.
The software is typically bundled with third party installers such as Open Candy. "Offer your users a quick and easy way to change the input language on Windows. Also features a handy screenshot utility."
ime.baidu.jp
23% remove it
 
Powered by Should I Remove It?

1 / 68      (inconclusive)
AAUI.exe  2, 8, 0, 2  (b6fb2ea0baeba9b0ddb5c786e0b0d2c5c0b89da4)

0 / 68
aaui.dll  (c1530a0e72d93dcec96eb84d017588b76630e829)

Distribution by Country