sogouexplorer.exe

Sogou.com

Publisher:
Sogou.com  (signed and verified)

MD5:
3c2bf5a3da8a65d5a7da7a9d58ac80cd

SHA-1:
29e604b067ca6ddb6b3111c0306d6ff080d3e805

SHA-256:
8e79baa0298888f0108c1d70bd2edf4e17121488633fff4f433667194b11df39

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 11:41:40 PM UTC

File size:
132.9 KB (136,128 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\inetcache\ie\{random}\sogouexplorer.exe

Digital Signature
Signed by:

Authority:
Symantec Corporation

Valid from:
9/30/2015 8:00:00 AM

Valid to:
9/29/2018 7:59:59 AM

Subject:
CN=Sogou.com, OU=Desktop, O=Sogou.com, L=Beijing, S=Beijing, C=CN

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
7DC702075FCCDB9E63385FF51314C4CE

File PE Metadata
Compilation timestamp:
2/5/2016 5:08:57 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
3072:iaHs31e42UMrVpwg+bLVCV/r0xxTTwe2U:iKsle4zMlE4VT+Tw7U

Entry address:
0x8488

Entry point:
E8, 25, 3B, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 56, 8B, F1, 8B, 4D, 08, C6, 46, 0C, 00, 85, C9, 75, 66, 57, E8, 1C, 33, 00, 00, 8B, F8, 89, 7E, 08, 8B, 57, 6C, 89, 16, 8B, 4F, 68, 89, 4E, 04, 3B, 15, B4, E9, 41, 00, 74, 11, A1, 70, EA, 41, 00, 85, 47, 70, 75, 07, E8, B5, 3F, 00, 00, 89, 06, 8B, 46, 04, 5F, 3B, 05, 54, E7, 41, 00, 74, 15, 8B, 4E, 08, A1, 70, EA, 41, 00, 85, 41, 70, 75, 08, E8, 17, 43, 00, 00, 89, 46, 04, 8B, 4E, 08, 8B, 41, 70, A8, 02, 75, 16, 83, C8, 02, 89, 41, 70, C6, 46, 0C, 01, EB...
 
Entropy:
6.3921

Code size:
78.5 KB (80,384 bytes)

The file sogouexplorer.exe has been seen being distributed by the following URL.

Scan sogouexplorer.exe - Powered by Reason Core Security