SHA256: 3a425efcaa4751bb5a0ef477e439be55b71d03a331426d8f592303941ac35052
File name: PC_Faster_Setup_Mini_GL.exe
Detection ratio: 1 / 61
Analysis date: 2017-06-02 20:06:03 UTC ( 1 year, 5 months ago )
Antivirus Result Update
DrWeb Program.Optimizer.10 20170602
Ad-Aware 20170602
AegisLab 20170602
AhnLab-V3 20170602
Alibaba 20170602
ALYac 20170602
Arcabit 20170602
Avast 20170602
AVG 20170602
Avira (no cloud) 20170602
AVware 20170602
Baidu 20170601
BitDefender 20170602
Bkav 20170602
CAT-QuickHeal 20170602
ClamAV 20170602
CMC 20170602
Comodo 20170602
CrowdStrike Falcon (ML) 20170420
Cyren 20170602
Emsisoft 20170602
Endgame 20170515
ESET-NOD32 20170602
F-Prot 20170602
F-Secure 20170602
Fortinet 20170602
GData 20170602
Ikarus 20170602
Sophos ML 20170519
Jiangmin 20170602
K7AntiVirus 20170602
K7GW 20170602
Kaspersky 20170602
Kingsoft 20170602
Malwarebytes 20170602
McAfee 20170602
McAfee-GW-Edition 20170602
Microsoft 20170602
eScan 20170602
NANO-Antivirus 20170602
nProtect 20170602
Palo Alto Networks (Known Signatures) 20170602
Panda 20170602
Qihoo-360 20170602
Rising 20170602
SentinelOne (Static ML) 20170516
Sophos AV 20170602
SUPERAntiSpyware 20170602
Symantec 20170602
Symantec Mobile Insight 20170601
Tencent 20170602
TheHacker 20170602
TotalDefense 20170602
TrendMicro 20170602
TrendMicro-HouseCall 20170602
Trustlook 20170602
VBA32 20170602
VIPRE 20170602
ViRobot 20170602
Webroot 20170602
WhiteArmor 20170601
Yandex 20170602
Zillya 20170602
ZoneAlarm by Check Point 20170602
Zoner 20170602
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Authenticode signature block and FileVersionInfo properties
Copyright Copyright (C) 2014 Baidu, Inc. All rights reserved.
Product Baidu PC Faster
Internal name Baidu PC Faster
File version 4,0,0,90927
Description Baidu PC Faster MiniSetup
Signature verification Signed file, verified signature
Signing date 11:48 AM 10/28/2014
Signers
[+] Baidu Online Network Technology (Beijing)Co., Ltd
Status This certificate or one of the certificates in the certificate chain is not time valid.
Issuer VeriSign Class 3 Code Signing 2010 CA
Valid from 1:00 AM 4/24/2012
Valid to 12:59 AM 4/25/2015
Valid usage Code Signing
Algorithm sha1RSA
Thumbprint A824F852E8C29E1A7961EAC802F8ECEE3748BF68
Serial number 3B DB 19 94 B9 8B BB 19 AB 55 A4 23 37 FA 4F 5C
[+] VeriSign Class 3 Code Signing 2010 CA
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 2/8/2010
Valid to 12:59 AM 2/8/2020
Valid usage Client Auth, Code Signing
Algorithm sha1RSA
Thumbprint 495847A93187CFB8C71F840CB7B41497AD95C64F
Serial number 52 00 E5 AA 25 56 FC 1A 86 ED 96 C9 D4 4B 33 C7
[+] VeriSign
Status Valid
Issuer VeriSign Class 3 Public Primary Certification Authority - G5
Valid from 1:00 AM 11/8/2006
Valid to 12:59 AM 7/17/2036
Valid usage Server Auth, Client Auth, Email Protection, Code Signing
Algorithm sha1RSA
Thumbprint 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
Serial number 18 DA D1 9E 26 7D E8 BB 4A 21 58 CD CC 6B 3B 4A
Counter signers
[+] GlobalSign TSA for MS Authenticode - G1
Status Valid
Issuer GlobalSign Timestamping CA - G2
Valid from 1:00 AM 8/23/2013
Valid to 1:00 AM 9/23/2024
Valid usage Timestamp Signing
Algorithm sha1RSA
Thumbprint 8CE69F5012E1D1A8FB395E2E31E2B42BDE3B343B
Serial number 11 21 40 5C 1F 0E D2 58 88 2B E5 4D 86 86 BA 11 EA 45
[+] GlobalSign Timestamping CA - G2
Status Valid
Issuer GlobalSign Root CA
Valid from 11:00 AM 4/13/2011
Valid to 1:00 PM 1/28/2028
Valid usage All
Algorithm sha1RSA
Thumbprint C0E49D2D7D90A5CD427F02D9125694D5D6EC5B71
Serial number 04 00 00 00 00 01 2F 4E E1 52 D7
[+] GlobalSign Root CA - R1
Status Valid
Issuer GlobalSign Root CA
Valid from 1:00 PM 9/1/1998
Valid to 1:00 PM 1/28/2028
Valid usage Server Auth, Client Auth, Code Signing, Email Protection, Timestamp Signing, OCSP Signing, EFS, IPSEC Tunnel, IPSEC User, IPSEC IKE Intermediate
Algorithm sha1RSA
Thumbprint B1BC968BD4F49D622AA89A81F2150152A41D829C
Serial number 04 00 00 00 00 01 15 4B 5A C3 94
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-10-28 01:49:55
Entry Point 0x00006074
Number of sections 5
PE sections
Overlays
MD5 0d6a34d5c65ccf69e1997ea556e0bf9f
File type data
Offset 1102848
Size 6688
Entropy 7.36
PE imports
GetLastError
IsValidCodePage
HeapFree
GetStdHandle
EnterCriticalSection
GetConsoleOutputCP
SetHandleCount
GetModuleFileNameW
WaitForSingleObject
GetOEMCP
QueryPerformanceCounter
HeapDestroy
HeapAlloc
TlsAlloc
GetEnvironmentStringsW
FlushFileBuffers
LoadLibraryA
RtlUnwind
GetModuleFileNameA
CreateProcessW
DeleteCriticalSection
GetCurrentProcess
GetStartupInfoW
SizeofResource
GetLocaleInfoA
GetConsoleMode
GetStringTypeW
GetCurrentProcessId
LCMapStringW
LockResource
GetCommandLineW
GetCPInfo
UnhandledExceptionFilter
InterlockedDecrement
MultiByteToWideChar
HeapSize
GetTickCount
FreeEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
DeleteFileW
GetProcAddress
GetStringTypeA
WritePrivateProfileStringW
GetTempFileNameW
SetStdHandle
WriteFile
RaiseException
WriteConsoleW
WideCharToMultiByte
TlsFree
SetFilePointer
ReadFile
SetUnhandledExceptionFilter
GetTempPathW
InterlockedIncrement
CloseHandle
GetSystemTimeAsFileTime
TerminateProcess
GetACP
HeapReAlloc
HeapCreate
GetModuleHandleW
FindResourceExW
GetConsoleCP
LCMapStringA
TlsGetValue
InitializeCriticalSection
LoadResource
FindResourceW
CreateFileW
VirtualFree
WriteConsoleA
IsDebuggerPresent
Sleep
GetFileType
SetEndOfFile
TlsSetValue
CreateFileA
ExitProcess
GetCurrentThreadId
GetProcessHeap
VirtualAlloc
GetStartupInfoA
SetLastError
LeaveCriticalSection
Ord(165)
PathRenameExtensionW
PathFindFileNameW
PathFileExistsW
StrStrIW
PathRemoveBackslashW
PathRemoveExtensionW
Number of PE resources by type
RT_ICON 4
BASIC_RC 1
RT_GROUP_ICON 1
RT_VERSION 1
RT_MANIFEST 1
Number of PE resources by language
ENGLISH US 8
PE resources
Debug information
ExifTool file metadata
UninitializedDataSize 0
LinkerVersion 9.0
ImageVersion 0.0
FileSubtype 0
FileVersionNumber 4.0.0.25391
LanguageCode English (U.S.)
FileFlagsMask 0x003f
FileDescription Baidu PC Faster MiniSetup
ImageFileCharacteristics Executable, 32-bit
CharacterSet Unicode
InitializedDataSize 1031680
EntryPoint 0x6074
MIMEType application/octet-stream
LegalCopyright Copyright (C) 2014 Baidu, Inc. All rights reserved.
FileVersion 4,0,0,90927
TimeStamp 2014:10:28 02:49:55+01:00
FileType Win32 EXE
PEType PE32
InternalName Baidu PC Faster
ProductVersion 4,0,0,90927
SubsystemVersion 5.0
OSVersion 5.0
FileOS Win32
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
CompanyName Baidu Inc.
CodeSize 70144
ProductName Baidu PC Faster
ProductVersionNumber 4.0.0.25391
FileTypeExtension exe
ObjectFileType Dynamic link library
File identification
MD5 77f858624b4a6c76bb43067c227bd952
SHA1 efeaa1e6ec1b93a342ad0b28621f1d1d13d62aff
SHA256 3a425efcaa4751bb5a0ef477e439be55b71d03a331426d8f592303941ac35052
ssdeep 24576:Uvx9DQb0mJ5DSd5xvcEupT9J7rik06FuVUdtT8KtHOfTeb4CpUivi:0x9DO0A5SdJuVnZTFumtTBUCs
authentihash 07e41f53e92d197649cc1157ef4c150bff40e6d1e882e93a99881c97c0aea248
imphash 4a3b8f64b1e58fb549287a1fcc9d77d1
File size 1.1 MB ( 1109536 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Executable MS Visual C++ (generic) (41.0%)
Win64 Executable (generic) (36.3%)
Win32 Dynamic Link Library (generic) (8.6%)
Win32 Executable (generic) (5.9%)
OS/2 Executable (generic) (2.6%)
Tags
peexe software-collection signed overlay

VirusTotal metadata
First submission 2014-11-05 13:55:12 UTC ( 4 years ago )
Last submission 2018-11-19 16:00:07 UTC ( 1 day, 5 hours ago )
File names Baidu PC Faster 5.1.3.131061.exe
Baidu PC Faster 5.1.exe
PC_Faster_Setup.exe
PC_Faster_Setup_Mini_GL.exe
PC_Faster118_Setup_Mini_GL.exe
PC_Faster_Setup_Mini_GL.exe
Baidu-PC-Faster50491133.exe
filename
file-7699241_exe
02aa934325352d3174902bfc95d6525d980343af
576989
Penetrate-the-strongest-Wi-Fi-network-program.exe
Baidu+PC+Faster+free+download.exe
B
baidu-pc-faster-5-0-4-91133-multi-win.exe
PC_Faster_Setup_Mini_GL (1).exe
PC_Faster_Setup_Mini_GL_5.1.3.131061.exe
PC_Faster_Setup_Mini_GL1.exe
b997a5810e516fc7189b1d944967053f8f3b83515e29c393d865e31db7de014385403ae33480d30f84d7d2e6482fed11f0d7c1ca18845bad1600cc54c6f6d750
pc_faster_setup_mini_gl.exe
PC_Faster_Setup_Mini_GL(1).exe
Baidu PC Faster
PC_Faster_Setup_Mini_GL.exe
baidu-pc-faster-5-0-7-98359-multi-win.exe
PC_Faster_Setup_Mini_GL.exe
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Written files
Deleted files
Created processes
Created mutexes
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.