pangu9_v1.3.1.exe

Lingbao Qinling Electronics Co., Ltd.

This is a setup program which is used to install the application. The file has been seen being downloaded from www.lo4d.com and multiple other hosts.
Publisher:
Lingbao Qinling Electronics Co., Ltd.  (signed and verified)

Version:
1, 3, 1, 0

MD5:
e428cdd0c7c0d57ca7588b9cff709b54

SHA-1:
c1af8b5ff94b28007b8b1523bf297423413659fe

SHA-256:
41bbbfbeea7aa181bf640d58b59254292bfb9fcfa5dfe111ec6cda0d9c8a0b99

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/29/2024 11:01:53 AM UTC  (today)

File size:
76.9 MB (80,606,448 bytes)

Product version:
1, 3, 1, 0

Copyright:
Copyright (C) Pangu Team

Original file name:
Pangu.exe

File type:
Executable application (Win32 EXE)

Language:
Chinese (Simplified, PRC)

Common path:
C:\users\{user}\downloads\pangu9_v1.3.1.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
10/13/2015 7:00:00 AM

Valid to:
10/13/2016 6:59:59 AM

Subject:
CN="Lingbao Qinling Electronics Co., Ltd.", OU=DEV, O="Lingbao Qinling Electronics Co., Ltd.", L=Lingbao, S=Henan, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
501C911C485179AB73B730D83BBEF929

File PE Metadata
Compilation timestamp:
3/16/2016 3:19:56 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
1572864:UQIK0GqKolffhksghVSN26qE285YSoI/ucFK9FiHgpGetEugVdr1M6sN:UQ70GoKSE6WSYSZSSgpJDip1M6e

Entry address:
0x5CF6AA

Entry point:
EB, 08, 7C, 8E, 5A, 00, 00, 00, 00, 00, E9, CD, 1E, FE, FF, 00, 00, 00, 00, 00, 00, 00, EA, 66, 01, 00, F4, 67, 01, 00, 00, 9C, 01, 00, 1C, 9E, 01, 00, 9C, 2E, 02, 00, 80, 2D, 36, 00, 9B, 2D, 36, 00, BE, 2D, 36, 00, D9, 2D, 36, 00, FC, 2D, 36, 00, 37, 2E, 36, 00, 52, 2E, 36, 00, 75, 2E, 36, 00, A6, 2E, 36, 00, C1, 2E, 36, 00, 18, 2F, 36, 00, 33, 2F, 36, 00, 75, 2F, 36, 00, 9E, 2F, 36, 00, E2, 2F, 36, 00, 22, 30, 36, 00, D6, 31, 36, 00, 11, 32, 36, 00, 37, 32, 36, 00, 6E, 32, 36, 00, 94, 32, 36, 00, E3, 32...
 
[+]

Entropy:
7.9701  (probably packed)

Code size:
5 MB (5,233,152 bytes)

The file pangu9_v1.3.1.exe has been seen being distributed by the following 23 URLs.

http://www.lo4d.com/get-file/pangu-jailbreak/.../

http://www.lo4d.com/get-file/pangu-jailbreak/.../

http://183.91.33.17/cache/dl.pangu.25pp.com/.../Pangu9_v1.3.1.exe

http://www.i0sen.ch/wp-content/uploads/.../Pangu9_v1.3.1.exe

http://www.afterdawn.com/software/.../download.cfm?version_id=109506&software_id=10610&mirror_id=29095&installer=0&perion=0&air_installer=0

https://mega.nz/temporary/.../t1RUzCoT

https://mega.nz/temporary/.../G8gBwDwT

http://download1621.mediafire.com/978r705e49fg/.../Pangu9_v1.3.1.exe

http://www.lo4d.com/get-file/pangu-jailbreak/.../

http://download1431.mediafire.com/cp9c4k28yxwg/.../Pangu9_v1.3.1.exe

http://api.viglink.com/api/click?format=go&jsonp=vglnk_147018071549311&key=e97682afa628bbf9014f553a2786f73d&libId=ire3lt790100z8gu000DAhhfqbtka&loc=http://www.idownloadblog.com/download/&v=1&out=http://dl.pangu.25pp.com/jb/Pangu9_v1.3.1.exe&ref=http://www.idownloadblog.com/2016/07/24/.../&title=Jailbreak download and iOS software download&txt=Windows

http://www.lo4d.com/get-file/pangu-jailbreak/.../

http://dl2.apptrackr.ir/user6/.../Pangu9_v1.3.1-www.AppleApps.ir.exe

http://www.lo4d.com/get-file/pangu-jailbreak/.../

http://files.downloadpangu.org/Pangu9_v1.3.1.exe

temp:Pangu9_v1.3.1.exe

http://113.171.224.204/.../Pangu9_v1.3.1.exe

Scan pangu9_v1.3.1.exe - Powered by Reason Core Security