home

chimera.exe

Chimera tool

Euro-Server s.r.o.

This is a setup program which is used to install the application. The file has been seen being downloaded from chimeratool.com.
Publisher:
Euroserver Sro.  (signed by Euro-Server s.r.o.)

Product:
Chimera tool

Description:
Chimera mobile tool

Version:
4, 81, 1722, 0

MD5:
113a455e4c83fe27143cfc5219ceed06

SHA-1:
c1cae88201ae4cf8fe6bb2a450444be9172e0af6

SHA-256:
f349524997725f898f70d52fae9e3cb76ef7207740152806efbac7e0d24a0fb4

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/28/2024 1:23:55 PM UTC  (today)

Scan engine
Detection
Engine version

Qihoo 360 Security
HEUR/QVM19.1.Malware.Gen
1.0.0.1015

File size:
28.3 MB (29,673,840 bytes)

Product version:
4, 81, 1722, 0

Copyright:
Copyright (C) 2014 Euroserver Sro.

Original file name:
chimera.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\chimera.exe

Digital Signature
Signed by:
Euro-Server s.r.o.

Authority:
GoDaddy.com, Inc.

Valid from:
11/14/2014 4:44:12 PM

Valid to:
11/14/2015 4:44:12 PM

Subject:
CN=Euro-Server s.r.o., O=Euro-Server s.r.o., L=Dunajska Streda, C=SK

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
040038FA735341

File PE Metadata
Compilation timestamp:
3/5/2015 12:48:54 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
786432:fSheLdASESHQfdJxdcIZiqzZe9RVvpGRTXQNzkpcRlnVRhk/:f1RNQfFZejxaXQhqWnTo

Entry address:
0x14FC000

Entry point:
EB, 08, 0F, 6A, 8F, 00, 00, 00, 00, 00, E9, 00, 20, 00, 00, 54, 41, 47, 47, 00, 20, 00, 00, 3F, 15, 00, 00, 01, 00, 30, 82, 15, 3B, 06, 09, 2A, 86, 48, 86, F7, 0D, 01, 07, 02, A0, 82, 15, 2C, 30, 82, 15, 28, 02, 01, 01, 31, 09, 30, 07, 06, 05, 2B, 0E, 03, 02, 1A, 30, 82, 09, 4C, 06, 09, 2A, 86, 48, 86, F7, 0D, 01, 07, 01, A0, 82, 09, 3D, 04, 82, 09, 39, D0, 00, 01, 00, 01, C1, B1, A1, 02, 00, 03, 00, 02, 00, 00, 00, 26, 00, 00, 00, 01, 00, 01, B0, 8B, BB, C6, E0, 69, C8, 93, 2A, 55, 2B, 52, E6, 2C, 06, 7F...
 
[+]

Entropy:
7.9976  (probably packed)

Code size:
10 MB (10,453,504 bytes)

The file chimera.exe has been seen being distributed by the following URL.

https://chimeratool.com/.../177

Scan chimera.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.