home

spark_setup_all.exe

Spark

Baidu, Inc.

This is a setup and installation application. The file has been seen being downloaded from updown.browser.baidu.com.
Publisher:
Baidu, Inc.

Product:
Spark

Description:
Spark Setup

Version:
26.4.9999.1900

MD5:
2c8323237a9ff86c569dd3ebc238a150

SHA-1:
9da06d2cc5cb607e069d31f85c7e438ce36c61c8

SHA-256:
09f5f80e07c0497372c406b8aeba5233dd11379f67fa149113c1852efbbe641f

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 6:30:07 AM UTC  (today)

File size:
34.6 MB (36,307,592 bytes)

Product version:
26.4.9999.1900

Copyright:
Copyright (C) 2013 Baidu Inc. All Rights Reserved.

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\spark_setup_all.exe

File PE Metadata
Compilation timestamp:
4/10/2010 2:19:23 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
786432:nuFHM4rHvnJSCnHi97cBQq5wzj8tf9GcJ4JGxrp7XyIbuEZ:nuFHTDvM2Acaq6zwt/JP7XyMBZ

Entry address:
0x33E9

Entry point:
75, 06, 00, E1, 84, E9, 89, F1, 51, 68, 08, 25, 66, 00, 00, F0, 2D, 36, 62, B0, 66, 69, D8, A4, B5, 60, 91, 0F, B7, F3, 81, F8, 1B, DD, E4, 92, 0F, AF, F1, 4B, 80, F8, 9A, 8D, 1D, EC, AA, 3E, ED, 81, CF, 01, 3A, 29, FD, BB, 2A, D3, 6B, C1, 69, D6, 36, EF, 96, 85, 3B, DE, B7, EB, 88, FA, FF, C3, 0F, BF, D0, 83, E6, 00, 81, CA, 70, B1, 02, E9, 0F, AF, D6, 33, DB, 81, C6, 77, 85, 0F, 00, 39, EA, 84, D0, 31, D3, 81, F6, 11, 06, 00, 00, F6, C4, 35, 89, C3, 8B, FE, BB, 24, 56, 2F, 93, 81, EF, B3, 5B, 00, 00, 21...
 
[+]

Entropy:
7.9998  (probably packed)

Code size:
25 KB (25,600 bytes)

The file spark_setup_all.exe has been seen being distributed by the following URL.

http://updown.browser.baidu.com/.../Spark_Setup_all.exe

Scan spark_setup_all.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.