home

chimera.exe

Chimera tool

Euro-Server s.r.o.

This is a setup program which is used to install the application. The file has been seen being downloaded from chimeratool.com and multiple other hosts.
Publisher:
Euroserver Sro.  (signed by Euro-Server s.r.o.)

Product:
Chimera tool

Description:
Chimera mobile tool

Version:
9, 30, 1426, 0

MD5:
425db56e2b32b22aa7b052c3ec77cd28

SHA-1:
0ffa723e4e16d234afed7fa3e4c047088afe387d

SHA-256:
b051c6030b8d4298151dfe86a48765d7aaba07f6d844bc1aee5e02c2fef73213

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
11/5/2024 9:35:16 AM UTC  (today)

Scan engine
Detection
Engine version

Qihoo 360 Security
HEUR/QVM19.1.Malware.Gen
1.0.0.1077

Rising Antivirus
PE:Malware.Generic(Thunder)!1.A1C4 [F]
23.00.65.16215

File size:
44.5 MB (46,686,008 bytes)

Copyright:
Copyright (C) 2015 Euroserver Sro.

Original file name:
chimera.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\chimera\chimera.exe

Digital Signature
Signed by:
Euro-Server s.r.o.

Authority:
Starfield Technologies, Inc.

Valid from:
12/4/2015 8:00:38 AM

Valid to:
9/28/2018 7:25:42 PM

Subject:
CN=Euro-Server s.r.o., O=Euro-Server s.r.o., L=Dunajska Streda, C=SK

Issuer:
SERIALNUMBER=10688435, CN=Starfield Secure Certification Authority, OU=http://certificates.starfieldtech.com/repository, O="Starfield Technologies, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
00B9A5E5882CA0467A

File PE Metadata
Compilation timestamp:
2/17/2016 1:34:37 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
786432:czEWTBEF+W/i3y9ifBcLkE1LP70FeP7BOlJtNxoowb42VlwFRiiH6H:czEeFW/i3yiek270cP1OmlCR8

Entry address:
0x2E8D000

Entry point:
EB, 08, 0F, 96, 0D, 01, 00, 00, 00, 00, E9, 00, 20, 00, 00, 54, 41, 47, 47, 00, 20, 00, 00, 0F, 1B, 00, 00, 01, 00, 30, 82, 1B, 0B, 06, 09, 2A, 86, 48, 86, F7, 0D, 01, 07, 02, A0, 82, 1A, FC, 30, 82, 1A, F8, 02, 01, 01, 31, 09, 30, 07, 06, 05, 2B, 0E, 03, 02, 1A, 30, 82, 0F, 21, 06, 09, 2A, 86, 48, 86, F7, 0D, 01, 07, 01, A0, 82, 0F, 12, 04, 82, 0F, 0E, D0, 00, 01, 00, 01, C1, B1, A1, 02, 00, 04, 00, 00, 00, 00, 00, 26, 00, 00, 00, 01, 00, 3D, 01, E1, 4F, CB, 55, 58, 9F, DF, A2, 74, ED, DF, CA, 80, 75, BE...
 
[+]

Entropy:
7.9963  (probably packed)

Code size:
15 MB (15,696,384 bytes)

The file chimera.exe has been seen being distributed by the following 3 URLs.

https://chimeratool.com/.../latest

http://www.furiousgold.com/en/my-account/.../14600

http://i16.indiworlds.com:182/d/.../Chimera V8.34.1902.exe

Scan chimera.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.