home

c930b2a1ebd3fb60f64635702ce7c55b.exe

BeiJing Baidu Netcom Science Technology Co., Ltd

This is a setup program which is used to install the application. The file has been seen being downloaded from scloud-dlsw.br.baidu.com.
Publisher:
BeiJing Baidu Netcom Science Technology Co., Ltd  (signed and verified)

MD5:
f51dc7cf109fdce5f54e95ac9fcaeca1

SHA-1:
be03cac4c8f963eaf137ef4522613bc624c0a56b

SHA-256:
d94470aae9b96703bed706c4c43dbe2fa3f43aaf267c28df1928bab227e30e8a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/4/2024 8:59:20 AM UTC  (today)

File size:
9 MB (9,466,400 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\ProgramData\soft\c930b2a1ebd3fb60f64635702ce7c55b.exe

Digital Signature
Signed by:
BeiJing Baidu Netcom Science Technology Co., Ltd

Authority:
Symantec Corporation

Valid from:
12/15/2015 8:00:00 AM

Valid to:
2/7/2018 7:59:59 AM

Subject:
CN="BeiJing Baidu Netcom Science Technology Co., Ltd", OU=" Engineering Excellence", O="BeiJing Baidu Netcom Science Technology Co., Ltd", L=Beijing, S=Beijing, C=CN

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
1FD2D30E260FC289CFAF11518F2CD36F

File PE Metadata
Compilation timestamp:
6/14/2016 11:31:34 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
196608:79J7dyMMLMHBEd0feOrpxDSBJ7KKZQPigCg5a8jd1lneij:7j7EMTNfek27ZQPiaflneij

Entry address:
0x118DC40

Entry point:
68, D7, B7, 7A, BC, E9, 00, 37, 75, FF, 8D, 64, 24, 40, 0F, 83, 87, 0A, 00, 00, 66, 0F, BA, E0, 0F, F8, 83, C1, 01, E9, 9A, 33, 75, FF, 9C, 9C, 89, 7C, 24, 04, 60, 8D, 64, 24, 24, 0F, 8C, 2B, FA, FF, FF, 9C, 89, 1C, 24, E8, C0, 42, 04, 00, 0F, A3, C7, F5, 83, C1, 01, 83, C4, 08, 0F, 82, 66, 2D, 00, 00, 68, E6, 7E, 7A, 12, F8, 84, E4, 68, 73, 31, 2A, D0, 8D, 64, 24, 08, 0F, 85, B4, 2F, 75, FF, E9, BA, FF, FF, FF, 54, 82, 84, 37, 09, DB, ED, B8, AE, E4, 4E, B4, C6, EC, 2E, 6C, D2, 28, 5E, D4, EE, 8B, 42, D0...
 
[+]

Entropy:
7.8085  (probably packed)

Code size:
514.5 KB (526,848 bytes)

The file c930b2a1ebd3fb60f64635702ce7c55b.exe has been seen being distributed by the following URL.

http://scloud-dlsw.br.baidu.com/package/.../30180c3f695cc2dc2bff3716d74a373c.exe

Scan c930b2a1ebd3fb60f64635702ce7c55b.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.