home

spark_setup_all.exe

Spark

Baidu, Inc.

This is a self-extracting archive and installer. The file has been seen being downloaded from updown.browser.baidu.com.
Publisher:
Baidu, Inc.

Product:
Spark

Description:
Spark Setup

Version:
26.4.9999.1900

MD5:
38c99bfeab64ab0551de7513b3e5620d

SHA-1:
bb7443906863bbbec6c5f3d292bb8704af00b495

SHA-256:
db32ccd443ad4d283b19156073667c5488136f491c17e212fe60af61d6ac278e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/29/2024 5:53:00 AM UTC  (today)

File size:
34.6 MB (36,315,784 bytes)

Product version:
26.4.9999.1900

Copyright:
Copyright (C) 2013 Baidu Inc. All Rights Reserved.

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\spark_setup_all.exe

File PE Metadata
Compilation timestamp:
4/10/2010 2:19:23 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
786432:oWFHM4rHvnJSCnHi97cBQq5wzj8tf9GcJ4JGxrp7XyIbuEZ:oWFHTDvM2Acaq6zwt/JP7XyMBZ

Entry address:
0x33E9

Entry point:
C6, C6, C3, 38, D7, 69, C0, 31, 51, 7D, 33, 0D, 95, 8D, 3C, 2F, F3, 24, 4D, 8D, 0D, 13, BB, 5D, 49, 03, D2, 85, F1, 28, FE, 4E, 3B, D2, 0F, AF, F9, 46, F6, C5, EC, 4D, 0F, AF, D1, BE, 7C, FE, D5, 89, B8, 99, 06, 00, 00, 89, EB, 35, 94, 0A, 00, 00, FE, CF, F3, 0F, BF, EA, 69, F0, AB, 4A, F6, EF, FE, C7, 2D, B8, 07, 00, 00, B9, 05, 09, AE, 7E, 69, D8, E2, DF, 9F, 50, 8D, 1D, F8, 05, 02, 88, 05, B7, 07, 00, 00, 0F, B6, F4, C6, C1, 43, 02, ED, 8B, F6, 0F, B6, E9, 3D, 23, 01, 00, 00, 0F, 83, BF, FF, FF, FF, 47...
 
[+]

Entropy:
7.9998  (probably packed)

Code size:
25 KB (25,600 bytes)

The file spark_setup_all.exe has been seen being distributed by the following URL.

http://updown.browser.baidu.com/.../Spark_Setup_all.exe

Scan spark_setup_all.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.