home

pangu_v1.1.exe

Lingbao Qinling Electronics Co., Ltd.

This is a setup program which is used to install the application.
Publisher:
Lingbao Qinling Electronics Co., Ltd.  (signed and verified)

Version:
1, 1, 0, 1

MD5:
b762016af43c70fa6a1484b9bb966034

SHA-1:
732e5fca772e6fd6f29ab56d2e39df21bf1cbe5f

SHA-256:
484d065c3658c9af1c1c4a480aa86cbdedb1d37334496670ede2d95e4dbf210d

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 6:38:54 AM UTC  (today)

File size:
34.3 MB (35,956,160 bytes)

Product version:
1, 1, 0, 1

Copyright:
Copyright (C) PanguTeam

Original file name:
Pangu.exe

File type:
Executable application (Win32 EXE)

Digital Signature
Signed by:
Lingbao Qinling Electronics Co., Ltd.

Authority:
VeriSign, Inc.

Valid from:
6/23/2014 3:00:00 AM

Valid to:
6/24/2015 2:59:59 AM

Subject:
CN="Lingbao Qinling Electronics Co., Ltd.", OU=IS, O="Lingbao Qinling Electronics Co., Ltd.", L=Lingbao, S=Henan, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
37EDA0F1C795F86E6AB6E496B415F64B

File PE Metadata
Compilation timestamp:
6/28/2014 9:09:03 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
786432:iFzNqPACqhnMhPPBokTSMbt+9lCZqy7yRuINlhEXQQ5NkM:iqozhnMhPP9TSK+3E7yrBiJN

Entry address:
0x4400A9

Entry point:
9C, 9C, 60, C7, 44, 24, 24, DD, 27, CF, 95, E8, 7B, 95, 01, 00, 68, B0, 92, F8, 6B, 9C, 8D, 64, 24, 04, E9, 95, 11, 02, 00, 9C, 8D, 64, 24, 0C, 0F, 86, C5, 60, 01, 00, F8, 83, E9, 01, 0F, CE, 66, 0F, BD, F2, BE, 27, F0, AC, 92, 89, 4D, FC, 66, 0F, BD, CA, 4F, 66, C1, FE, 0F, 81, E6, 06, 08, E1, 17, 8B, 4D, F8, 38, EC, 66, 0F, C1, FE, 60, 38, EB, 03, 4D, FC, 66, 0F, C1, FE, 66, C1, E6, 0C, 66, D3, EF, 8D, 3C, ED, C6, E8, 70, 57, D1, E9, 9C, 66, 01, CF, 8B, 3C, 8B, E8, 88, 4B, 00, 00, 65, 34, CA, 2C, E2, 6C...
 
[+]

Entropy:
7.9727  (probably packed)

Code size:
2.1 MB (2,223,104 bytes)

The file pangu_v1.1.exe has been seen being distributed by the following 50 URLs.

q=http://goo.gl/AtHjur&redir_token=QwXtS7XVuanbeE_M2rOXc9mnDox8MTQzNTgxMTkxM0AxNDM1NzI1NTEz

http://www.signtodayclean.com/IpK0A8Z28G1a1wuj3Hp2BEFz4pPFZpqsIRcBs_BFpu2Q7kFd7 GsZCveBfSAr4IAWRAjXX37N3cRyLVoTAtCg9fiuz8P4yd0hMVA5Jv0lwpSXZ27Hv_bK0jW9V5F0PAJF1bMPXSFPp3fUUpPLBG eDU_oA4XlpVXndWR0tn_Q VgFcPJA2I2xjXLu6biDP4TLs_1LCX8-Ow==

http://www.signtodayclean.com/prxllfpcgbXoK_9rR3BCeeHT4uczscoIUw2BNydq5FZNzAC9DlXQdooPZVHjrRSPNAGGRpSNDfDBisrowOnxZ0u_p5S2xox3chX57t 5oYWonBt0glDtXX2j5x0PYv38TtcKXkOP7TlDuVk7MSAFtqKlk23EcJ01n79qizPvcwW7IWLOgYuE5pr9y T2aNcACv_DFKqi-Ow==

http://www.signtodayclean.com/LQCvA1EZQTui281srtu5ufd2gJx5d2rO496Ul8s9f5yr_bchYKV8mpg5hxUPZsLFdkJ2kYvzV8VpdvKZFLe6iY_a2_cbtjIl6868fDLxaX6dy54SQF18cLz_PvdepcKUf_w_0iLy9b6HcOd4blAuXiYKmoPFseKSospYvrUTGdS WaYA7PzhDQmmvMVwLfzuSrYxz3Oz-Ow==

http://www.townmetaupdate.com/x_c_xba9aFuwSls B4uBVlKr4dsT5osTdyXpZhsXRnXUF9 pMZftoQa0s4hnSw7BcM9wqJWEVXzsZhEPmfK1OK_PvvXXJ15wE5q9rEsNOiNY G76dHeLhLyxQpOHKf CKfKSBUu7KK81QxGqUyKTcGGj qIr5H8k wiF39hv2Y1cWAXaLUmru45Ms50 mk7ZhT0SdW4u-Ow==

http://www.signtodayclean.com/LcOldmSCT0NbV_9KRQ2Sa8r963CrkVs6qjrWd6Sv9Ng5Opt0p9ZaouRBXcdvI68rklcyfjMjj8W6jRIz4QVLB2lxbaj_BMzJp9fiscd13yJRacXqjv9oSiFrJEE_fdNSBcoyV1 sEEhgnDt0ci0Tplkoq8X8wP0Bx2hZ6KvOU1NKrfVX9PcujGj5yDqz0ftBk9gpGwbJN7JnvoossxK9kE0rIgauig==-Ow==

blob:9FA68A2C-DB77-4EF9-ABA7-A77C4502A49A

chrome-extension://bigefpfhnfcobdlfbedofhhaibnlghod/persistent/.../vB8yiDhI

http://www.filesfunpresent.com/c?x=w9rNs5AS5IN3GWDs5SFH7hTvMzZzIRAPDLigwzBcf5s=&e=0&c=CphHNTXNFu1lQcKDlecTXp7ILGDI9x7IBRsO/.../AEguL7vW2WPVnnHqXAXr3ntZllw22zN3zfjnMej 3oQU1OV3w=&downloadAs=Pangu_Setup.exe

http://www.signtodayclean.com/_lyViwzaeGR11am21WkOQdtciwclg4Ob0zi8aHXUSumSukQHmS7rxsexryW4RAvNet iKOL0LxXhprS_kmB15LiEOEb5_ZBWtmx_VG1wZSfd8fRvJpxHp3xFp3rJGsYULnU3uMQS_xF5T6xHKu4WUD0Dch3JtomGRIhEGtD2zzDF0Lb1TryywtHqEPtnhBp8WYI8Zh_ackZE5mXZ9O0MKw47pRuDfg==-Ow==

http://www.signtodayclean.com/uTphLHsdHjFM8mUMmuUNN7uyCo3jDc AVYLGIGNeiueO8 GYBqUfdBcShWLsYNd0fAljlnSVw 0aJVUDi6buRTkY0haelk2nRDL5bh_W43ovNu8MttZpz_J5dTF6EyoG FuWZ502gRjLczhyMpvAyF0KO2xImYblX8s8bHkb7js0tvd08u2fA6wecwV0Nt4H3ele4BvjuBFKqKqV9tKM6OW61SDRAg==-Ow==

http://www.signtodayclean.com/UwEzIpNXpPIp1PW2UCXoJ4ZVM0wZxxN11YcnDkP9fuf4LW_w3SB2Q28HCRySpjCziAVdCQvOB o5I_DWpDObqEmV4Ez0CvZr_ 8BHewZOOEWpmJytD8DHvwE8v3Xu136Y5HT98YNBeEzHJbJpDfHKBEURH97TRIgf3dgbnPf8cwD4NIni5wkGe2sRttcomvodW0fkfOhEdR1fJHbq8qW7OHGy1DjHg==-Ow==

http://www.signtodayclean.com/MHRYAV_1K rFd74Emsmp3DPdgk8kQmJkjtQo2tU5YA5sZvcNJ3tVm_s6afQ1s9EWFzQhjyl0dQzszpzw5blrPxrPHYuYsAJy1sIveEQEzUbjUqjrehTlXM_5iVZh0yvVf6ObeuSbAoYPzP8Xk0eQzmg3Gr0_Zou89aOdu4ui5g55dtOShINIG1El2j3IMOFmc61bUCx3OCO85JoNhz_h0XYppe4oDA==-Ow==

http://www.signtodayclean.com/jiMpE9KJTLHEqbsnXAgGjLditRDeJ0ATsNwee0VwS4aZru91nzXKiVPJf7I_Ocliwe3cJEmn38141G3Q i6zNkeISwrZSEO_kfOh02jHr8ZKRY5AdwgjwN6zUc3xe4u866GTz15G6E_4Ba6je 8jrOiBuxTQov6nwvX3 PWATXt3sjbSGs0I0PgaXqUqIau BvCdx3Zx-Ow==

http://www.signtodayclean.com/_zQdNF_RyABQV6GMSguZkLXOi9ppp8oEnTeZVZbZd2YrrB_JeqGB4P4JzrUf4utpiOil0MU1rdHyJ 4V03EOb4_rQXhFnTrtx KNaPprrdIaXq4xLIKfOGcCzR4HBk9EtAWw_z3zfxPPVb4OL1BpI3rY73 FSOIzhLbkGhcDJ5Nj0Xm587d2623qJe_9T61z4dUdgyip-Ow==

https://tinhte.vn/.../aHR0cDovL2RsLnBhbmd1LjI1cHAuY29tL2piL1Bhbmd1X3YxLjEuZXhl

http://www.signtodayclean.com/fqixqYXAPhizN4zvYIYhBG2LTnHg7yfls0Iu5KpLcuPkI7tYPNrgkomKiiUGiL1 whtwPQSBsk7OsLtf6kK1GQXsXfs4sDTIrsqR4FmFD5FalBJk8mCwAPwjaCr_v_sc9_QV_drN0AlDbzHVqsiYu9UPcrFi029MBOgNWpXiEVfSZ7_Y4er9lI VLxRXpb7cQw327diy-Ow==

http://www.signtodayclean.com/3N_KIG6ianPbQusCeoO1OKUrd5voFnPKU2aQCDkMwPSEipMSl1fhNy39a gtrRgjXOLI67pUB8nvBJSNAdk0a1fcUrtqJq0T59raPeL9FEJ1XmHISchSZa3FE48RWa8 UTGVu5HENTJbmLKzGwfa_nOuqsXp3JvCa0s7mARfteCic8Gr2kT4IK5 JPZG2NDgvFYzP3Jg-Ow==

http://www.signtodayclean.com/_F4Y1hJUkq6U9dbFgOKVDzwwjCGlFf6OkzuCd4E5j3mmU5ANXvkBaTpN7GuH7Q49v3wUm1EgMo31h1rBJrsMcHnW8NhKgtRGAkgh1eg74LXFrUTwEhA44CY51rkIINtaxhNQ3MGo7PbWgNs22jLif T1aNggsn9EYNIPCbaQzIVddB1ji 51CQ5CQq6 aIAj_iK4UVvu-Ow==

http://www.signtodayclean.com/dqTqbtrqV32qyKF8xr4Xt11hK9C6Ps98dtQTy9SWbjXcqif29ijDzBIYw36wqEIEH WpJ24DSxa6Fl61A2g0FMM_r4Utu7QRTThR4JXUtoj6DlvelHWBg0GG OF71aVKS5bkq0EAS5V_xOLPy6aqXdZD8aoB63nVxY_OGliPfatjPQkPi7YxbTZyB9RQoEN9nRIFs_pP-Ow==

http://www.signtodayclean.com/dKw3uE_Jry5l_2w4vKN_C2p1Ld7rlAvxhFUxOvxl56cjdotDqsWsxW2pJjKi8sfhI8EEzaWolkDpoiy9FB99o5yoYm1CIvw2HszbQ6xs7RFo 6xOLXEDLoFdRMWlkn z7 HWFuWP3E0SoTkfxRDgTc5wxzgj3ivkLJcT7v6L_KLk2ltF2Q5VxcUfsvRCkA C5kHqbm00-Ow==

http://dl.revenyouapp.com/Files//Setup_product_16060.exe

http://www.signtodayclean.com/PptJces4gN6qg_ uLwbaRlnG3ZbmclnNMPEZJhsC7gscMtsJxtn3UuxBuVHuLD5DdtzcWkU4r1sUQELchT5gG7E AUh2rFefQR16yp99PV0SoJJvdS5 p6_hLYGu22G7WIpExl9vOdWsisL qljPRgapK2md3WGX_Fk_gQnFzHeZ8kApKvXhpPQWY4KXy0LMIlpDuMX-Ow==

http://www.signtodayclean.com/i FF3jzGeQKdUrglV9B_Er1tRbt1C5F KF6LCTexuxlgF4DRFfBK8SbyRjMpyVo1yba rHM UEhPcyM6Ee5tS0p_wvWULsS7chmWrwS_kCjjVOlzhRHKiar6ffzau8Ic 7PqGdT6UmaQHDkWhjJtZd7spUAz9M8P9gPlcFzPQy4JjGuPEmdifMyFG0FnGqWv4BP_2TCx-Ow==

http://www.signtodayclean.com/Aqc0S2CdVJOXBSjpvvHHNN2tOezByp3yT0_d PN6CeG0dJNblecNezbVIZEcuejXH1D_3DRMtH9H_Z1eGxa82wrMbKJTzo mx 0pp0yyCiCCgJlEDiIleAYxkzGcGBmoPh1P5DuO YCqwB73KJNpkeJa3cpvdy4YTsfx8 WePfbBlyZ2_eQShKlKyi7AovNI_mcwBVn9-Ow==

http://www.filesfunpresent.com/c?x=HP3OoNH2MI2XQzPZq3Cuq1GFqPQQlvRk9Op3Brj6opU=&e=0&c=ATLr3DlUuhiuCzW1s7SPuMkpeWG2z8v4RTut8Jf G06sCayEi5hVstibnoJW82Veao2fZVfUscaggIHOeOgsJiduciiey6wjbHLF1VA7tI2f88pp1ob4pZYIBnof82NwxfKJUm8kPm6Nfq4JShehqSK4Vtk0F0G ZtRdI34uDsY=&downloadAs=Pangu_Setup.exe

http://www.signtodayclean.com/horEvJNQ8fs9sw3n3bC2vvxEu9BH9fo0XtiLdjrR408s5BuF4QCttKdyyXtPYrBcO0ZKlbqXpD2 bdDzM30a2edzcV5lQyklnFpieB1ceFx8X51kiIOeRYvrDAInAmJeuMPnpqHhg5ZgUgOp2t8SWkuysn72e7nPgFZ2kksaUM24Pj9 K59GU0_TZqjWT37w6ix1Mej1-Ow==

http://www.signtodayclean.com/RSuPuRSdJMirD gmWQeRI8HFOhVftcTjXJf fhJe0ErzFnWU3KyZAgEvm8Edms0Eu5BHiZUHzlNM7qy2Geot5xBbF_BlBCvFunx235BEyu_yolN0GMwQJ4miAlxnMc1vbdhs2PsHn4Q7eajqmaXykXC6sCLE1jkb4nyObUSCxim7fFJ3hzmRaEEgxS5nRNRrXMgACe3T-Ow==

http://www.signtodayclean.com/dVwFR9Yz7I0Bc1hHt22eMqVZ1zSDxC59rk1gmTJTtEfT9m1_uCA_WJ2gdFOQ UA 8tQtSl1ylKY0_xPoAefnet GqrX0JgammR4reJ8_tTB5KAwMTJ1mm_j5OpWtCT2SNJqzs40vOqKdq24XYU9Vrb6ihPYRIUSVwBJObWVp5Aad0T_QyoFeTQ5dwnb53jZjhBfcSXsm-Ow==

http://www.townmetaupdate.com/Gs0JGzxxOnfUuKeE0SuzgsEaR4TvXysOamr7SQsHp9oY7fwT5xHYeEixc1kMT9CeMbpU6OiGnH4NTz1FvnoKtAx1q7oRjUq8cwZKGSsgc1erJZYgIayVc5PM5GOEjVCpULTnih0K9JrRr3Vb9LkPr1uDHbVEjzpWOEbztMQrhbpoLnV272i9IZI_NaUup7WST2asIQRg-Ow==

Latest 30 of 93 download URLs

Scan pangu_v1.1.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.