» sogou_pinyin_8.0.0.8083.exe
Overview
Analysis
File Details
Downloads (46)

sogou_pinyin_8.0.0.8083.exe

搜狗拼音输入法

Sogou.com

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from cdn2.ime.sogou.com and multiple other hosts.

File name:

Publisher:

Sogou.com Inc. (signed by Sogou.com)

Product:

搜狗拼音输入法

Description:

搜狗拼音输入法安装程序

Version:

8.0.0.8083

MD5:

27aeb1e911aca59e740fb1f6b4c4ad16

SHA-1:

e6aedfdb2a3ef4851efcee7ec79f621027d22050

SHA-256:

c78c7419881760cf0b1db002ce2e73ad35db30e932f0d54ab360471e24118688

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/17/2024 11:37:11 PM UTC (a few moments ago)

File size:

37.4 MB (39,192,528 bytes)

Product version:

8.0.0.8083

File type:

Executable application (Win32 EXE)

Installer:

NSIS (Nullsoft Scriptable Install System)

Language:

Language Neutral

Common path:

C:\users\{user}\appdata\local\temp\sogou_pinyin_8.0.0.8083.exe

Digital Signature

Signed by:

Sogou.com

Authority:

Symantec Corporation

Valid from:

9/30/2015 7:00:00 AM

Valid to:

9/29/2018 6:59:59 AM

Subject:

CN=Sogou.com, OU=Desktop, O=Sogou.com, L=Beijing, S=Beijing, C=CN

Issuer:

CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:

7DC702075FCCDB9E63385FF51314C4CE

File PE Metadata

Compilation timestamp:

4/10/2010 7:19:31 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

786432:KZ0iCaJ7zBJcSScqGdpgxPJZm+p+r4lSxnc9PrlBLaG6DD:KZ0iC8JcSS9GdpgNmUa4l6c9PHLK

Entry address:

0x354B

Entry point:

81, EC, D4, 02, 00, 00, 53, 55, 56, 57, 6A, 20, 33, ED, 5E, 89, 6C, 24, 18, C7, 44, 24, 10, D8, 84, 40, 00, 89, 6C, 24, 14, FF, 15, 30, 80, 40, 00, 68, 01, 80, 00, 00, FF, 15, B8, 80, 40, 00, 55, FF, 15, B0, 82, 40, 00, 6A, 08, A3, 98, 06, 47, 00, E8, 67, 27, 00, 00, 55, 68, B4, 02, 00, 00, A3, B0, 05, 47, 00, 8D, 44, 24, 38, 50, 55, 68, 1C, 86, 40, 00, FF, 15, 80, 81, 40, 00, 68, 04, 86, 40, 00, 68, A0, 85, 46, 00, E8, 35, 26, 00, 00, FF, 15, B4, 80, 40, 00, 50, BF, A0, 10, 4C, 00, 57, E8, 23, 26, 00, 00... 
[+]

Entropy:

7.9998

Packer / compiler:

Nullsoft install system v2.x

Code size:

25 KB (25,600 bytes)

The file sogou_pinyin_8.0.0.8083.exe has been seen being distributed by the following 46 URLs.

http://cdn2.ime.sogou.com/3ce6749bcfb9bff31accc83ba081e520/578cc4e4/dl/index/.../sogou_pinyin_80h.exe

http://cdn2.ime.sogou.com/8ca4a3d3b9801ae389a65036cf561e96/5777177c/dl/index/.../sogou_pinyin_80h.exe

http://cdn2.ime.sogou.com/0bdfff6895bdfc42dc6055151fb5d5ce/578eb6ec/dl/index/.../sogou_pinyin_80h.exe

http://cdn2.ime.sogou.com/6ade56343fb4966eb9073aa446454d49/577714b9/dl/index/.../sogou_pinyin_80h.exe

http://download1641.mediafire.com/qwm5aivo3mig/.../sogou_pinyin_80h.exe

http://cdn2.ime.sogou.com/47b83170ea0ba615b2609764d7b200ff/57760cdd/dl/index/.../sogou_pinyin_80h.exe

http://cdn2.ime.sogou.com/bedbff7f279d944f215c4c8a674c8a5b/57887740/dl/index/.../sogou_pinyin_80h.exe

http://cdn2.ime.sogou.com/b5129fbcce331ed0000f3e09b9401cb7/577f8bcc/dl/index/.../sogou_pinyin_80h.exe

http://cdn2.ime.sogou.com/9b5f9388fed1c836c8711ae4a3ae5194/577c0a22/dl/index/.../sogou_pinyin_80h.exe

http://cdn2.ime.sogou.com/f44169ec670f6c271f04c0aa1023837a/578e2d1b/dl/index/.../sogou_pinyin_80h.exe

http://cdn2.ime.sogou.com/e0e785d6f8083752855556b37ac3c176/577b4546/dl/index/.../sogou_pinyin_80h.exe

http://cdn2.ime.sogou.com/db090e9484ed4e984da827d1a80a45ee/5779f7b1/dl/index/.../sogou_pinyin_80h.exe

http://cdn2.ime.sogou.com/22a1deab1ecb53be7a834d89b0f8a0a2/5787eaf0/dl/index/.../sogou_pinyin_80h.exe

http://cdn2.ime.sogou.com/ac278fd5136f9f202017e6c556b6403c/577f2663/dl/index/.../sogou_pinyin_80h.exe

http://cdn2.ime.sogou.com/bfcec40bf4505df34547fdafa463cce7/578ce291/dl/index/.../sogou_pinyin_80h.exe

http://cdn2.ime.sogou.com/90de2977afaf9ee2bcb057a7ceecbec7/57823739/dl/index/.../sogou_pinyin_80h.exe

http://cdn2.ime.sogou.com/be27f9dbcbf92923d26cd12f7bbd1143/577aada4/dl/index/.../sogou_pinyin_80h.exe

http://cdn2.ime.sogou.com/2be1f434a34a2dd36a0e826b38607ff3/5786fd92/dl/index/.../sogou_pinyin_80h.exe

http://cdn2.ime.sogou.com/664a0d8f88e9464fdcc12cd617dae5cc/577faf80/dl/index/.../sogou_pinyin_80h.exe

http://cdn2.ime.sogou.com/75a8d38e8397dfe840a663019bb7bf72/57799ec1/dl/index/.../sogou_pinyin_80h.exe

http://cdn2.ime.sogou.com/37e5f4c4ba146b6c159173043b73d2dc/57766c38/dl/index/.../sogou_pinyin_80h.exe

http://googledrive.com/host/.../sogou_pinyin_chinese_edu_vn_6_2.exe

http://cdn2.ime.sogou.com/6d081324e30d68822cdfd60f1095ae5e/577f6919/dl/index/.../sogou_pinyin_80h.exe

http://cdn2.ime.sogou.com/ba4fe051e7f5cf6bd68711ce10d0edcc/578bc927/dl/index/.../sogou_pinyin_80h.exe

http://cdn2.ime.sogou.com/0d134008e5d329b0c316966caaa41410/578cb5b6/dl/index/.../sogou_pinyin_80h.exe

http://cdn2.ime.sogou.com/e7be4ad205b4a6778d5419eb5da58e0f/578b099b/dl/index/.../sogou_pinyin_80h.exe

http://cdn2.ime.sogou.com/4e5eaf5d818ac84bd67c99b8a067e2a2/577b25ad/dl/index/.../sogou_pinyin_80h.exe

http://cdn2.ime.sogou.com/7b21323291bc7dfdf7e57c99d32127b9/5778a3cb/dl/index/.../sogou_pinyin_80h.exe

http://cdn2.ime.sogou.com/a0afae6d8159226040499a8708c2937a/5781cad4/dl/index/.../sogou_pinyin_80h.exe

http://cdn2.ime.sogou.com/b3aaa8786e56654bd635018540d848f3/578af4a0/dl/index/.../sogou_pinyin_80h.exe

Latest 30 of 46 download URLs

Scan sogou_pinyin_8.0.0.8083.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.