» chimera.exe
Overview
Analysis
File Details
Downloads (1)

chimera.exe

Chimera tool

This is a setup program which is used to install the application. The file has been seen being downloaded from chimeratool.com.

File name:

chimera.exe

Product:

Chimera tool

Description:

Chimera mobile tool

Version:

1, 0, 0, 1

MD5:

e17c5b9d02ba58c0813362b1b62ef96c

SHA-1:

ae50fe326c51954047b0ffca7cf81e7d19984de4

SHA-256:

eb7f58c9c3b4d8d8865da1229d07e4441b9975950cc48d30dc48c5202fc9c5d8

Scanner detections:

4 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

11/24/2024 8:43:13 PM UTC (today)

Scan engine

Detection

Engine version

Bkav FE

W32.HfsAutoA

1.3.0.4959

NANO AntiVirus

Virus.Win32.Virut-Gen.bwpxnc

0.28.0.60253

Sophos

Mal/EncPk-OJ

4.98

Vba32 AntiVirus

BScope.Trojan.MSA.Ekel.181121

3.12.26.3

File size:

21.7 MB (22,741,868 bytes)

Product version:

1, 0, 0, 1

Original file name:

chimera.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

File PE Metadata

Compilation timestamp:

6/23/2014 2:29:15 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

12.0

CTPH (ssdeep):

393216:WRKlYvO+taYsMXiCZ9rH35VXh86e8eV7mhK1279TBruasXhj8KJpdBxn18atdkRc:WKYG+AMXiCZ9Sn12ZdyaehzdZ8EUc

Entry address:

0x11D3050

Entry point:

68, 00, 00, 00, 00, 68, 01, 00, 00, 00, 68, 00, 00, 40, 00, E8, 00, 00, 00, 00, 81, 2C, 24, 64, 30, 5D, 01, 81, 04, 24, 00, 20, 5D, 01, E9, 89, 15, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

7.9976

Packer / compiler:

PKLITE32, 0x1.1

Code size:

8.8 MB (9,181,696 bytes)

The file chimera.exe has been seen being distributed by the following URL.

https://chimeratool.com/.../119

Scan chimera.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.