home

bdaticketfaster.exe

百度抢票宝

Beijing baidu Netcom science and technology co.ltd

Publisher:
Beijing baidu Netcom science and technology co.ltd  (signed and verified)

Product:
百度抢票宝

Description:
百度卫士-百度抢票宝

Version:
5.0.3.22

MD5:
3d89e3c8fbc3996630ade9bb4e3d2508

SHA-1:
824c83392d17272c3d2d85ea3d93498993e2b84c

SHA-256:
3177745f2a14960b3d254906cbbc63a7685a6fd0c0d8bea113e3856cb9892518

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 2:11:54 AM UTC  (today)

File size:
1.2 MB (1,251,848 bytes)

Product version:
5.0.3.22

Copyright:
Copyright (C) 2013 Baidu Inc.

Original file name:
BdTicket.exe

File type:
Executable application (Win32 EXE)

Language:
Chinese (Simplified, PRC)

Common path:
C:\users\{user}\appdata\roaming\baidu\browser\profile\extensions\gfpfmcgpnkfiijmiolmnnaoodfhekgjj\1.0.5.14_0\bdaticketfaster.exe

Digital Signature
Signed by:
Beijing baidu Netcom science and technology co.ltd

Authority:
VeriSign, Inc.

Valid from:
2/27/2012 7:00:00 AM

Valid to:
2/27/2015 6:59:59 AM

Subject:
CN=Beijing baidu Netcom science and technology co.ltd, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Beijing baidu Netcom science and technology co.ltd, L=Beijing, S=Beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
56659719569BE07B775A1B2275E2D83A

File PE Metadata
Compilation timestamp:
9/4/2014 9:30:29 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
24576:FGVRzJ1FB+xIcI9zanV12VUHuE00hVE8GLWaT7KWulO5lh0G1FIvdoQ:AJkxILzyV12VauZ1LWaTukG6aveQ

Entry address:
0x83BE8

Entry point:
E8, 6B, 05, 00, 00, E9, DE, FC, FF, FF, FF, 25, 58, F5, 49, 00, FF, 25, 54, F5, 49, 00, FF, 25, 50, F5, 49, 00, FF, 25, 4C, F5, 49, 00, FF, 25, 48, F5, 49, 00, E9, D7, 05, 00, 00, CC, FF, 25, 44, F5, 49, 00, FF, 25, 40, F5, 49, 00, FF, 25, 3C, F5, 49, 00, FF, 25, 38, F5, 49, 00, FF, 25, 34, F5, 49, 00, FF, 25, 30, F5, 49, 00, FF, 25, 2C, F5, 49, 00, FF, 25, 28, F5, 49, 00, FF, 25, 24, F5, 49, 00, FF, 25, 20, F5, 49, 00, FF, 25, 1C, F5, 49, 00, FF, 25, 18, F5, 49, 00, FF, 25, 14, F5, 49, 00, FF, 25, 10, F5...
 
[+]

Entropy:
7.1285

Code size:
632 KB (647,168 bytes)

Scan bdaticketfaster.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.