» pangu.exe
Overview
Analysis
File Details
Downloads (1)

pangu.exe

Cetosenuto

Lingbao Qinling Electronics Co., Ltd.

This is a setup and installation application. The file has been seen being downloaded from cdndownloadpls.com.

File name:

pangu.exe

Publisher:

Nasofalo (signed by Lingbao Qinling Electronics Co., Ltd.)

Product:

Cetosenuto

Description:

Cetosenuto Setup

MD5:

52995e55d692b1b6389aa4a247872ab4

SHA-1:

6b52da6de5c7011ced49f801307f7eb67439d1a9

SHA-256:

484d065c3658c9af1c1c4a480aa86cbdedb1d37334496670ede2d95e4dbf210d

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/23/2024 6:12:26 AM UTC (today)

File size:

1.2 MB (1,252,800 bytes)

Product version:

4.4.7

Lite

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\downloads\pangu.exe

Digital Signature

Signed by:

Lingbao Qinling Electronics Co., Ltd.

Authority:

VeriSign, Inc.

Valid from:

6/23/2014 2:00:00 AM

Valid to:

6/24/2015 1:59:59 AM

Subject:

CN="Lingbao Qinling Electronics Co., Ltd.", OU=IS, O="Lingbao Qinling Electronics Co., Ltd.", L=Lingbao, S=Henan, C=CN

Issuer:

CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:

37EDA0F1C795F86E6AB6E496B415F64B

File PE Metadata

Compilation timestamp:

6/28/2014 8:09:03 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

Entry address:

0x4400A9

Entry point:

9C, 9C, 60, C7, 44, 24, 24, DD, 27, CF, 95, E8, 7B, 95, 01, 00, 68, B0, 92, F8, 6B, 9C, 8D, 64, 24, 04, E9, 95, 11, 02, 00, 9C, 8D, 64, 24, 0C, 0F, 86, C5, 60, 01, 00, F8, 83, E9, 01, 0F, CE, 66, 0F, BD, F2, BE, 27, F0, AC, 92, 89, 4D, FC, 66, 0F, BD, CA, 4F, 66, C1, FE, 0F, 81, E6, 06, 08, E1, 17, 8B, 4D, F8, 38, EC, 66, 0F, C1, FE, 60, 38, EB, 03, 4D, FC, 66, 0F, C1, FE, 66, C1, E6, 0C, 66, D3, EF, 8D, 3C, ED, C6, E8, 70, 57, D1, E9, 9C, 66, 01, CF, 8B, 3C, 8B, E8, 88, 4B, 00, 00, 65, 34, CA, 2C, E2, 6C... 
[+]

Code size:

2.1 MB (2,223,104 bytes)

The file pangu.exe has been seen being distributed by the following URL.

http://cdndownloadpls.com/dl/?z=1052&name=Pangu&file=http://dl.pangu.25pp.com/.../Pangu_v1.1.exe&vi=21

Scan pangu.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.