pc_faster_setup_mini_s235_1383151207.exe

Baidu PC Faster

Baidu Online Network Technology (Beijing)Co., Ltd

Publisher:
Baidu Inc.  (signed by Baidu Online Network Technology (Beijing)Co., Ltd)

Product:
Baidu PC Faster

Description:
Baidu PC Faster MiniSetup

Version:
4,0,0,66368

MD5:
c1e9537298b2828df1696109ddb97c32

SHA-1:
c73d4795bbbedd751c13d17f0bc20c33ade37ca5

SHA-256:
3654f52418aa736b02045b811aea779876ea662f032bbd41306bb3141a5e0369

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 4:46:43 PM UTC  (today)

File size:
1.5 MB (1,608,736 bytes)

Product version:
4,0,0,66368

Copyright:
Copyright (C) 2012 Baidu, Inc. All rights reserved.

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\pc_faster_setup_mini_s235_1383151207.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
4/24/2012 3:00:00 AM

Valid to:
4/25/2015 2:59:59 AM

Subject:
CN="Baidu Online Network Technology (Beijing)Co., Ltd", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Baidu Online Network Technology (Beijing)Co., Ltd", L=Beijing, S=Beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
3BDB1994B98BBB19AB55A42337FA4F5C

File PE Metadata
Compilation timestamp:
4/21/2014 12:39:59 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:qjQQ0OE6+oYsuqu7rBebb/ITMVJt+YZpUi92jE:J+Esuqu0bDITi3LSjE

Entry address:
0xBA0CD

Entry point:
E8, 55, FE, 00, 00, E9, 79, FE, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, 55, 8B, EC, 57, 56, 8B, 75, 0C, 8B, 4D, 10, 8B, 7D, 08, 8B, C1, 8B, D1, 03, C6, 3B, FE, 76, 08, 3B, F8, 0F, 82, A4, 01, 00, 00, 81, F9, 00, 01, 00, 00, 72, 1F, 83, 3D, 6C, 2F, 54, 00, 00, 74, 16, 57, 56, 83, E7, 0F, 83, E6, 0F, 3B, FE, 5E, 5F, 75, 08, 5E, 5F, 5D, E9, 1D, FF, 00, 00, F7, C7, 03, 00, 00, 00, 75, 15, C1, E9, 02, 83, E2, 03, 83, F9, 08, 72, 2A, F3, A5, FF, 24, 95, 54, A2, 4B, 00, 90, 8B, C7, BA, 03, 00, 00, 00, 83, E9...
 

Entropy:
6.7459

Code size:
1 MB (1,064,960 bytes)

The file pc_faster_setup_mini_s235_1383151207.exe has been seen being distributed by the following 50 URLs.

Latest 30 of 65 download URLs
