home

chimera.exe

Chimera tool

Euro-Server s.r.o.

This is a setup program which is used to install the application. The file has been seen being downloaded from chimeratool.com.
Publisher:
Euroserver Sro.  (signed by Euro-Server s.r.o.)

Product:
Chimera tool

Description:
Chimera mobile tool

Version:
8, 48, 1446, 0

MD5:
a4503ec86508075ea789ad60a3004cef

SHA-1:
3b98b0478eaa496624ae4f7766e20699b37225df

SHA-256:
2ee299f6febf231b9ecd277dbbe2284cea440f2f5d34b910592beeaa064e273d

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
11/24/2024 10:06:59 PM UTC  (today)

Scan engine
Detection
Engine version

Qihoo 360 Security
HEUR/QVM19.1.Malware.Gen
1.0.0.1077

Rising Antivirus
PE:Malware.RDM.21!5.1B[F1]
23.00.65.151125

File size:
42 MB (44,069,200 bytes)

Copyright:
Copyright (C) 2015 Euroserver Sro.

Original file name:
chimera.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\chimera.exe

Digital Signature
Signed by:
Euro-Server s.r.o.

Authority:
GoDaddy.com, Inc.

Valid from:
9/28/2015 12:25:42 PM

Valid to:
9/28/2018 12:25:42 PM

Subject:
CN=Euro-Server s.r.o., O=Euro-Server s.r.o., L=Dunajska Streda, C=SK

Issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
00FB1BE9BEEBF9CEC3

File PE Metadata
Compilation timestamp:
11/27/2015 7:53:19 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
786432:ru95Nq6ukS9H/ShQGDIP0rv0Gqty6VLcoxSLjVwQKeiDw+Id8vf+iDJj2+z:cwi6y0tnGLyQ9Ozhv9DJjz

Entry address:
0x2919000

Entry point:
EB, 08, 0F, 7A, F0, 00, 00, 00, 00, 00, E9, 00, 20, 00, 00, 54, 41, 47, 47, 00, 20, 00, 00, 0E, 1B, 00, 00, 01, 00, 30, 82, 1B, 0A, 06, 09, 2A, 86, 48, 86, F7, 0D, 01, 07, 02, A0, 82, 1A, FB, 30, 82, 1A, F7, 02, 01, 01, 31, 09, 30, 07, 06, 05, 2B, 0E, 03, 02, 1A, 30, 82, 0F, 20, 06, 09, 2A, 86, 48, 86, F7, 0D, 01, 07, 01, A0, 82, 0F, 11, 04, 82, 0F, 0D, D0, 00, 01, 00, 01, C1, B1, A1, 02, 00, 03, 00, 09, 00, 00, 00, 26, 00, 00, 00, 01, 00, 67, B3, B6, 43, B1, 8E, 52, 5C, 05, 4D, 5C, C4, 5E, C9, DE, 3E, 69...
 
[+]

Entropy:
7.9965  (probably packed)

Code size:
14.2 MB (14,922,752 bytes)

The file chimera.exe has been seen being distributed by the following URL.

https://chimeratool.com/.../latest

Scan chimera.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.