bavpro_setup_mini_e358_4640726446407264.exe

Baidu Antivirus

Baidu Online Network Technology (Beijing)Co., Ltd

Publisher:
Baidu, Inc.  (signed by Baidu Online Network Technology (Beijing)Co., Ltd)

Product:
Baidu Antivirus

Description:
Baidu Antivirus MiniSetup

Version:
5,4,0,90007

MD5:
ad0e0341eeefaa87535647b8e6ad190f

SHA-1:
36ef63b9c6ab7fe46ed591377b5794cbea08e8ed

SHA-256:
ab01321fe645cfb7208a834bb4d0a42c8baf0d611d34ef6d5d0e6bf7120f2196

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 10:05:25 AM UTC

File size:
2 MB (2,108,264 bytes)

Product version:
5,4,0,90007

Copyright:
Copyright (C) 2014 Baidu, Inc. All rights reserved.

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\programs\bavpro_setup_mini_e358_4640726446407264.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
4/24/2012 2:00:00 AM

Valid to:
4/25/2015 1:59:59 AM

Subject:
CN="Baidu Online Network Technology (Beijing)Co., Ltd", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Baidu Online Network Technology (Beijing)Co., Ltd", L=Beijing, S=Beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3BDB1994B98BBB19AB55A42337FA4F5C

File PE Metadata
Compilation timestamp:
10/22/2014 5:17:25 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
49152:nsLybH2zEigEK1CkT9NWRWb5zTUah55tDRS:nsLn3gEMyWb5LTS

Entry address:
0xB48FF

Entry point:
E8, 1F, FB, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 20, 8B, 45, 08, 56, 57, 6A, 08, 59, BE, 20, C2, 4E, 00, 8D, 7D, E0, F3, A5, 89, 45, F8, 8B, 45, 0C, 5F, 89, 45, FC, 5E, 85, C0, 74, 0C, F6, 00, 08, 74, 07, C7, 45, F4, 00, 40, 99, 01, 8D, 45, F4, 50, FF, 75, F0, FF, 75, E4, FF, 75, E0, FF, 15, 58, 33, 4E, 00, C9, C2, 08, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, 54, 24, 0C, 8B, 4C, 24, 04, 85, D2, 74, 69, 33, C0, 8A, 44, 24, 08, 84, C0, 75, 16, 81, FA, 00, 01, 00, 00, 72, 0E, 83...
 
Entropy:
6.8743

Code size:
900.5 KB (922,112 bytes)

The file bavpro_setup_mini_e358_4640726446407264.exe has been seen being distributed by the following 50 URLs.

Latest 30 of 243 download URLs