home

baofeng_5.55.1130.1111_setup.1449201418.exe

暴风影音2015安装程序

Beijing Baofeng Technology Co., Ltd.

This is a setup program which is used to install the application. The file has been seen being downloaded from w.x.baidu.com and multiple other hosts.
Publisher:
北京暴风科技股份有限公司  (signed by Beijing Baofeng Technology Co., Ltd.)

Product:
暴风影音2015安装程序

Version:
5.55.1130.1111

MD5:
2698de4283974ac5fa8239f2e2977e76

SHA-1:
ab6040f4ce239b2b94e7fd9e046b071d26f8cf9f

SHA-256:
1f9a25ef8dab370d85eadfc99abb759a8ee401d452530369c30c0a711ccf9106

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 8:08:14 AM UTC  (today)

File size:
46.6 MB (48,886,176 bytes)

Product version:
5.55.1130.1111

Copyright:
Copyright (C) 2007-2015 北京暴风科技股份有限公司

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\baofeng_5.55.1130.1111_setup.1449201418.exe

Digital Signature
Signed by:
Beijing Baofeng Technology Co., Ltd.

Authority:
VeriSign, Inc.

Valid from:
2/4/2015 5:00:00 PM

Valid to:
4/5/2016 5:59:59 PM

Subject:
CN="Beijing Baofeng Technology Co., Ltd.", OU=在线QA, O="Beijing Baofeng Technology Co., Ltd.", L=Beijing, S=Beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3F5A9D93D770229C503B8355B15B6DF0

File PE Metadata
Compilation timestamp:
12/2/2015 1:53:27 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
786432:VaniVbZTST+82RJoucz4szIkRoXElSxz5ItV/VmdpVFsDr+WeEQZxxKPSw7zACQG:Q2Y+8qJ56rznRo6S56VQ/wqWBQZvM7jF

Entry address:
0x9E1D0

Entry point:
E8, 4D, DA, 00, 00, E9, 89, FE, FF, FF, FF, 35, A4, B0, 4F, 00, FF, 15, 50, F3, 4B, 00, 85, C0, 74, 02, FF, D0, 6A, 19, E8, 94, 1C, 00, 00, 6A, 01, 6A, 00, E8, 66, 18, 00, 00, 83, C4, 0C, E9, 2B, 18, 00, 00, 8B, FF, 55, 8B, EC, 83, EC, 10, 53, 8B, 5D, 08, 56, 85, DB, 74, 11, 83, 7D, 0C, 00, 76, 11, 85, DB, 75, 23, 33, C0, E9, BC, 00, 00, 00, 83, 7D, 0C, 00, 74, EF, E8, 09, 12, 00, 00, 6A, 16, 5E, 89, 30, E8, 71, 38, 00, 00, 8B, C6, E9, A0, 00, 00, 00, FF, 75, 0C, 53, E8, 3C, FD, FF, FF, 59, 59, 3B, 45, 0C...
 
[+]

Entropy:
7.9930  (probably packed)

Code size:
758 KB (776,192 bytes)

The file baofeng_5.55.1130.1111_setup.1449201418.exe has been seen being distributed by the following 2 URLs.

http://w.x.baidu.com/alading/.../15945

https://doc-14-2c-docs.googleusercontent.com/docs/securesc/iu1nr2m4vdd7jj6ll31oih56p80bvmhh/r28k46n736umd30mbspqb0p0lhd77s59/1461736800000/10401343105019614054/.../0B09erdKxWPUDcGUxNEJiMkZsTDg?e=download

Scan baofeng_5.55.1130.1111_setup.1449201418.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.