BDMiniDlUpdate.exe

Baidu Software Center Assistant (百度软件中心助手)

Beijing baidu Netcom science and technology co.ltd

The application BDMiniDlUpdate.exe by Beijing baidu Netcom science and technology co.ltd has been detected as a potentially unwanted program by 3 anti-malware scanners. It runs as a Windows service named “BDMiniDlUpdate”, hosted in its own separate process.

Publisher:
Baidu Online Network Technology (Beijing) Co., Ltd. (百度在线网络技术(北京)有限公司)  (signed by Beijing baidu Netcom science and technology co.ltd)

Product:
Baidu Software Center Assistant (百度软件中心助手)

Description:
Upgrade module (升级模块)

Version:
1.3.0.318

MD5:
2fcfdd9805283b5d59bf4e6cab88798b

SHA-1:
490f62fa6fcc2024c42fa31e8fd68f4fb1751bd4

SHA-256:
10e530dfef4cee0abc18ea9ec024e4b804311ce385d6f0f954f713e86e3bfef5

Scanner detections:
3 / 68

Status:
Potentially unwanted

Analysis date:
5/18/2024 4:45:46 PM UTC

Scan engine | Detection | Engine version
avast! | Win32:Malware-gen | 160917-0
Dr.Web | Trojan.Inject1.55533 | 9.0.1.05190
ESET NOD32 | Win32/Baidu.B potentially unwanted application | 6.3.12010.0

File size:
161 KB (164,912 bytes)

Product version:
1.3.0.318

Copyright:
Copyright (C) 2013 Baidu Inc.

Trademarks:
Baidu

Original file name:
BDMiniDlUpdate.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\roaming\baidu\baidurjdownloader1.3\1.3.0.318\bdminidlupdate.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
2/27/2012 8:00:00 AM

Valid to:
2/27/2015 7:59:59 AM

Subject:
CN=Beijing baidu Netcom science and technology co.ltd, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Beijing baidu Netcom science and technology co.ltd, L=Beijing, S=Beijing, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
56659719569BE07B775A1B2275E2D83A

File PE Metadata
Compilation timestamp:
11/1/2014 1:26:49 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

Entry address:
0xB821

Entry point:
E8, 8F, 6D, 00, 00, E9, 17, FE, FF, FF, E8, 7F, 3D, 00, 00, 8B, 48, 6C, 3B, 0D, 98, 4B, 42, 00, 74, 10, 8B, 0D, B0, 4A, 42, 00, 85, 48, 70, 75, 05, E8, 20, 0A, 00, 00, A1, 38, 41, 42, 00, C3, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 55, 8B, EC, 56, 33, C0, 50, 50, 50, 50, 50, 50, 50, 50, 8B, 55, 0C, 8D, 49, 00, 8A, 02, 0A, C0, 74, 09, 83, C2, 01, 0F, AB, 04, 24, EB, F1, 8B, 75, 08, 83, C9, FF, 8D, 49, 00, 83, C1, 01, 8A, 06, 0A, C0, 74, 09, 83, C6, 01, 0F, A3, 04, 24, 73, EE, 8B, C1, 83...
 

Entropy:
6.4031

Code size:
116 KB (118,784 bytes)

Service
Display name:
BDMiniDlUpdate

Type:
Win32OwnProcess

