home

chemmedia.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from portal.edu.ro.
MD5:
98691875730b14f05b3e3af3c3d6167d

SHA-1:
bf42a19a035c22a1de18908f8ca6c1d11021b6df

SHA-256:
4da4933dce8087302796ba622fa72809a82be656789fee4d912f4ae9354bc139

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/27/2024 7:53:05 AM UTC  (today)

File size:
4 MB (4,203,145 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\asus\chemmedia.exe

File PE Metadata
Compilation timestamp:
11/2/2003 1:10:39 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.0

CTPH (ssdeep):
49152:8mU6YdFoFsMG7I+8lUD3FYBmQhRwqiC3r2YD3TQAS5mEKvzMN27F7R1+ZmxDK/p/:oMG3ymoR5L3jEyhR1+P/8UdGIINC66

Entry address:
0x1000

Entry point:
EB, 10, 66, 62, 3A, 43, 2B, 2B, 48, 4F, 4F, 4B, 90, E9, 48, 11, 41, 00, A1, 3B, 11, 41, 00, C1, E0, 02, A3, 3F, 11, 41, 00, 52, 6A, 00, E8, 09, F0, 00, 00, 8B, D0, E8, 2A, 50, 00, 00, 5A, E8, C0, 43, 00, 00, E8, 23, 50, 00, 00, 6A, 00, E8, F0, 5E, 00, 00, 59, 68, E4, 10, 41, 00, 6A, 00, E8, E3, EF, 00, 00, A3, 43, 11, 41, 00, 6A, 00, E9, AB, CB, 00, 00, E9, 1E, 5F, 00, 00, 33, C0, A0, 2D, 11, 41, 00, C3, A1, 43, 11, 41, 00, C3, 60, BB, 00, 50, B0, BC, 53, 68, AD, 0B, 00, 00, C3, B9, 9C, 00, 00, 00, 0B, C9...
 
[+]

Code size:
64 KB (65,536 bytes)

The file chemmedia.exe has been seen being distributed by the following URL.

http://portal.edu.ro/index.php?module=uploads&func=download&fileId=1762

Scan chemmedia.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.