home

spark_setup_all.exe

Spark

Baidu, Inc.

This is a self-extracting archive and installer. The file has been seen being downloaded from updown.browser.baidu.com.
Publisher:
Baidu, Inc.

Product:
Spark

Description:
Spark Setup

Version:
26.4.9999.1900

MD5:
0c03dcdc38ac622dbd75640fda5a27b1

SHA-1:
62f3da720b72023ded3ec59777eaa61250f46829

SHA-256:
cb3e9dc60e23fa2c79fca0a7da51a2ab1ff5e5deff447386824d49947cdbd1b5

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 6:48:11 AM UTC  (today)

File size:
34.6 MB (36,315,784 bytes)

Product version:
26.4.9999.1900

Copyright:
Copyright (C) 2013 Baidu Inc. All Rights Reserved.

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\spark_setup_all.exe

File PE Metadata
Compilation timestamp:
4/10/2010 2:19:23 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
786432:ICFHM4rHvnJSCnHi97cBQq5wzj8tf9GcJ4JGxrp7XyIbuEZ:ICFHTDvM2Acaq6zwt/JP7XyMBZ

Entry address:
0x33E9

Entry point:
FE, C6, 80, E8, E1, 85, C1, 75, 02, 03, F5, 81, E8, 7F, E6, D4, CE, F2, EB, 05, 0F, AF, C2, 88, FB, FE, C7, 76, 0A, F2, 0F, AF, EB, 69, EB, C9, 28, 23, 15, BE, 63, 7A, 00, 00, FF, C0, 0F, AF, CD, 81, F6, 18, C4, 00, 00, 80, C8, 7D, B7, 91, 69, ED, 9B, 42, 9E, 32, 81, EE, 4C, 18, 00, 00, B5, 94, B9, AF, 0A, D6, 31, 2B, D6, 81, C5, D0, 17, A2, 56, 81, EA, 14, 00, 00, 00, 69, D6, DE, C3, 54, 0B, 88, F1, 8D, 15, E4, F3, 09, CA, 89, C7, 71, 08, 08, DE, C7, C0, 85, AE, C3, 96, 68, 95, 1C, 3F, 00, 50, 20, C9, F7...
 
[+]

Entropy:
7.9998  (probably packed)

Code size:
25 KB (25,600 bytes)

The file spark_setup_all.exe has been seen being distributed by the following URL.

http://updown.browser.baidu.com/.../Spark_Setup_all.exe

Scan spark_setup_all.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.