home

pangu8_v1.1.0.exe

Lingbao Qinling Electronics Co., Ltd.

This is a setup program which is used to install the application. The file has been seen being downloaded from posixspwndownload.com and multiple other hosts.
Publisher:
Lingbao Qinling Electronics Co., Ltd.  (signed and verified)

Version:
1, 1, 0, 1

MD5:
e8c9199b6425b0a070fd9de14f179d58

SHA-1:
6c2dbe785f32deaa12bc18f3680e1ecc045c0e08

SHA-256:
9ff4378445f0496281485647ed2dcb5c8e2d7f4c971529e972cb39d3bc0c626a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/25/2024 6:54:06 AM UTC  (today)

File size:
42.2 MB (44,201,920 bytes)

Product version:
1, 1, 0, 1

Copyright:
Copyright (C) Pangu Team

Original file name:
Pangu.exe

File type:
Executable application (Win32 EXE)

Language:
Chinese (Simplified, China)

Common path:
C:\users\{user}\downloads\pangu8_v1.1.0.exe

Digital Signature
Signed by:
Lingbao Qinling Electronics Co., Ltd.

Authority:
VeriSign, Inc.

Valid from:
6/22/2014 7:00:00 PM

Valid to:
6/23/2015 6:59:59 PM

Subject:
CN="Lingbao Qinling Electronics Co., Ltd.", OU=IS, O="Lingbao Qinling Electronics Co., Ltd.", L=Lingbao, S=Henan, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
37EDA0F1C795F86E6AB6E496B415F64B

File PE Metadata
Compilation timestamp:
10/31/2014 8:25:46 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
786432:FhszeWyZ00PxZA1nzDi4Jn5YzS5n099qQjrRCQtWwtr+o6EXkL4Yz3s5:0zef3vV4h5YW5nmjrRCs9io6OW4Yz8

Entry address:
0x60BC57

Entry point:
60, 60, 66, 89, 64, 24, 04, 9C, C7, 44, 24, 40, 77, 47, 37, B7, 9C, C7, 44, 24, 40, A0, 94, C0, C9, 88, 7C, 24, 0C, 55, 88, 14, 24, 8D, 64, 24, 44, E9, 22, 47, 00, 00, 18, 92, 0D, 64, FE, 5A, C5, AA, 09, E9, 98, 29, AF, 55, A9, B4, 4A, DD, A7, 6B, 70, 0B, 70, 7B, 80, 02, 38, 72, C9, D9, E5, 4C, 92, A7, 3F, 08, BB, 2F, 70, 61, C6, C6, F5, AA, AA, 99, 1B, 8E, 25, 7F, 41, DD, 3D, E6, 89, 99, 25, FA, FE, 07, 7C, F1, B1, E5, 90, A9, 31, 2D, 45, A3, 09, 99, C4, BA, 61, 61, E5, 3D, 72, A8, E1, F0, A5, BA, 3A, 84...
 
[+]

Entropy:
7.9574  (probably packed)

Code size:
3.4 MB (3,530,752 bytes)

The file pangu8_v1.1.0.exe has been seen being distributed by the following 4 URLs.

http://posixspwndownload.com/.../Pangu8-1.1.0.exe

http://software.thaiware.com/download_url.php?id=9661

http://pangu8.com/Pangu8.exe

http://dl.pangu.25pp.com/.../Pangu8_v1.1.0.exe

Scan pangu8_v1.1.0.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.