pangu9_v1.0.0.exe

Lingbao Qinling Electronics Co., Ltd.

This is a setup program which is used to install the application.
Publisher:
Lingbao Qinling Electronics Co., Ltd.  (signed and verified)

Version:
1, 0, 0, 0

MD5:
e16bfe5639381109cd44190b2ea272f3

SHA-1:
c48e1c1f84c1d5ff6046cc4eb7344335b314ba4b

SHA-256:
1d851fc1c2593b3b21ac0dea54aa1f25f003841805953763d00f22101472f9cc

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/5/2024 1:51:38 PM UTC  (today)

File size:
73.3 MB (76,865,944 bytes)

Product version:
1, 0, 0, 0

Copyright:
Copyright (C) Pangu Team

Original file name:
Pangu.exe

File type:
Executable application (Win32 EXE)

Language:
Chinese (Simplified, PRC)

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
10/13/2015 3:00:00 AM

Valid to:
10/13/2016 2:59:59 AM

Subject:
CN="Lingbao Qinling Electronics Co., Ltd.", OU=DEV, O="Lingbao Qinling Electronics Co., Ltd.", L=Lingbao, S=Henan, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
501C911C485179AB73B730D83BBEF929

File PE Metadata
Compilation timestamp:
10/14/2015 5:54:33 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
1572864:e1tIT9KolffhksghHHXN26qE285Yk2oI/ucFK9FiHgpVPkqrql3Elbz7t:e1ts/8HXE6WSYk2ZSSgpVprq8zR

Entry address:
0x41695E

Entry point:
E9, 82, 46, FF, FF, 67, EA, 5E, 55, B5, EF, A4, BB, 75, 0B, E0, D5, B1, DD, EC, 13, 37, 13, 76, F2, 51, 44, 44, 7E, 9A, 14, 03, 15, 84, B4, 60, 9E, A3, 41, D6, B4, CD, 9E, 0C, 87, 8E, 6A, 56, 5B, 5D, B9, 50, E9, DD, AD, 5B, 22, A8, D9, C9, 5B, 29, AB, B4, 26, 8B, A9, E4, 35, CF, 65, B0, FF, 4F, 3B, 78, 31, 36, 1F, 43, 73, C1, DA, AF, AB, 8B, 0C, FD, 9D, 5D, 73, 0A, F4, 35, 78, 1B, 05, 1A, 72, F9, 8A, 65, F3, 54, D1, 2C, 13, FF, 48, 24, B0, ED, 1E, DE, C9, 44, C1, 97, E6, 27, A4, C9, EF, 71, EF, 58, 4E, FB...
 
[+]

Entropy:
7.9834

Packer / compiler:
tElock 0.99 - 1.0 private

Code size:
1.9 MB (2,043,392 bytes)

The file pangu9_v1.0.0.exe has been seen being distributed by the following 32 URLs.

q=http://ios.othman.tv/ios9.php&redir_token=UDqIo1mYxArNcdjqDU8DpklsvWl8MTQ0Nzg2NzE0OEAxNDQ3NzgwNzQ4

q=http://ios.othman.tv/ios9.php&redir_token=a79mWpIFzA4giN9WsWKdcMNt01d8MTQ1MDY3ODQ5M0AxNDUwNTkyMDkz

q=http://ios.othman.tv/ios9.php&redir_token=byI2yybj85XhZ9WiQpksHvCyQdx8MTQ0NzcwNDEyMkAxNDQ3NjE3NzIy

blob:B7C661D9-FC2D-499E-995E-5ED4192402FD

http://files.downloadpangu.org/Pangu9_v1.0.0.exe

q=http://ios.othman.tv/ios9.php&redir_token=fIB_TZBmhTLyM-epfHD8uyqeubJ8MTQ0NTQ2MjM2MEAxNDQ1Mzc1OTYw

http://files.downloadnow.com/s/software/14/48/17/.../Pangu9_v1.0.0.exe

q=http://ios.othman.tv/ios9.php&redir_token=QHsqA0-kBTkvGC7Nq0ym9E43TFx8MTQ0OTM3OTQ1NkAxNDQ5MjkzMDU2

https://docs.google.com/uc?export=download&confirm=pYy2&id=0Bzy-AL2mBLtOTGp1SXdGd0hmOUk

q=http://ios.othman.tv/ios9.php&redir_token=mjUmCuUnpGuxRzIlPO7KB7gafvh8MTQ0NjkyOTYxMEAxNDQ2ODQzMjEw

http://ios.othman.tv/ios9.php

http://goo.gl/Jdj5Cj

https://docs.google.com/uc?export=download&confirm=EEkG&id=0Bzy-AL2mBLtOTGp1SXdGd0hmOUk

q=http://ios.othman.tv/ios9.php&redir_token=a7RMFZlyFBtQwnOKxRVmdSlNk1t8MTQ0NzM1NjUzNEAxNDQ3MjcwMTM0

q=http://ios.othman.tv/ios9.php&redir_token=glG83Oix_aK1is4_b51CVHKSPfV8MTQ0NzgxOTY2N0AxNDQ3NzMzMjY3

q=http://ios.othman.tv/ios9.php&redir_token=Gc9S9F3wmQILkZVyz33wu5d-iSB8MTQ1MTA2MDIzN0AxNDUwOTczODM3

q=http://ios.othman.tv/ios9.php&redir_token=yr5uK9rNg0lmwxP3kDgi-jawUF18MTQ0NTI4NDY0NEAxNDQ1MTk4MjQ0

q=http://ios.othman.tv/ios9.php&redir_token=6-tJOS4mXFp0rJmugbyugLAoC1R8MTQ0NjE1ODUwMUAxNDQ2MDcyMTAx

q=http://ios.othman.tv/ios9.php&redir_token=OWQL0yttl1kH-gyc-xIGIUV2P718MTQ1MDExNTgxMUAxNDUwMDI5NDEx

temp:Pangu9_v1.0.0.exe

q=http://ios.othman.tv/ios9.php&redir_token=GqfFAQ9WIkgbs3_1A6EeHd_wtHp8MTQ0NTY0MDMzN0AxNDQ1NTUzOTM3

Latest 30 of 32 download URLs

Scan pangu9_v1.0.0.exe - Powered by Reason Core Security