home

chimera_drivers.exe

ChimeraTool Installer

Euro-Server s.r.o.

This is a self-extracting archive and installer. The file has been seen being downloaded from pics.chimeratool.com and multiple other hosts.
Publisher:
ChimeraTool  (signed by Euro-Server s.r.o.)

Product:
ChimeraTool Installer

Version:
2.0.0.0

MD5:
f2ead7f69d758a4662e1b6fdb7a0809e

SHA-1:
018359cebd4077e42f7fd365b8ae92c727a19e41

SHA-256:
ab5829d28885a4138f96156a15685c83611f03ab132e03afd5305ce7342f7f0c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/24/2024 11:41:18 PM UTC  (a few moments ago)

File size:
84.3 MB (88,353,872 bytes)

Product version:
2.0.0.0

Original file name:
Chim_driver.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\chimera_drivers.exe

Digital Signature
Signed by:
Euro-Server s.r.o.

Authority:
GoDaddy.com, Inc.

Valid from:
11/14/2014 12:14:12 PM

Valid to:
11/14/2015 12:14:12 PM

Subject:
CN=Euro-Server s.r.o., O=Euro-Server s.r.o., L=Dunajska Streda, C=SK

Issuer:
SERIALNUMBER=07969287, CN=Go Daddy Secure Certification Authority, OU=http://certificates.godaddy.com/repository, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
040038FA735341

File PE Metadata
Compilation timestamp:
6/10/2014 12:20:53 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
1572864:5R3Q6nyyVglGZGJ7mqDiKWAZPVma5x6PnVmMfNMcrLVfDPFLZ76/IK:5pRu4cP3ZdP5wPnVXNMcrL1hLg/

Entry address:
0x2CBBC

Entry point:
E8, 15, C6, 00, 00, E9, 78, FE, FF, FF, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 0C, 06, 45, 00, 33, C5, 50, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B, 64, 24, 0C, 53, 56, 57, 89, 28, 8B, E8, A1, 0C, 06, 45, 00, 33, C5, 50, 89, 65, F0, FF, 75, FC, C7, 45, FC, FF, FF, FF, FF, 8D, 45, F4, 64, A3, 00, 00, 00, 00, C3, 50, 64, FF, 35, 00, 00, 00, 00, 8D, 44, 24, 0C, 2B...
 
[+]

Code size:
253.5 KB (259,584 bytes)

The file chimera_drivers.exe has been seen being distributed by the following 2 URLs.

https://pics.chimeratool.com/cdn-cgi/.../chk_captcha?id=2e3358640bd132b9&g-recaptcha-response=03AHJ_VusdjhypzbMysBRT6VZMcAXDz0KDEdpV0IF3oSGuX0etQeg-A-yMh3OQWFbkKL3oFzfSNd6nAzezkdQ2iC8T5BgyGOrRa0xXXqup69kOejcP2XIOgKk4QaY2Iuh6_96JseZSCArOXYYhZ1qZlJOdcbn7okIogVXYrYq3A7Fj6MFta6Qo0tXn7TZ2ezoI0gzcRJTKCfqS2oUv6CZb5WnAos-BZU2qyzYCVrtWujW5NJQsPN-DhY3fD1D7FvUrhP4mDBfU5iqj6w0dW0kvV9xmfWSj4yYXys5oubHR6lH6OsvikZfSxh7E7XbqP_rJW5pLJFK-fCzRvx1fkLujbfF-LIWsq28o-My8U56wppZllCYZshg73YJAEH18XFGeP3TAxdZETmb8bWqKXU5It6q7Vw3APMYHWMiATS9pHVbllCfl-Sl16zDJxNjIiu2691E8_BOKbbo1hNZk-7f-fo-55X0N63gV5-Sy2wym1P8eI1MjX9zdZ77qT2ayMvNkLI5NmOSaRCJB9EPB_Jx6qCqtsbmYbQvjulJCJJKGqamgAPAoMACgyA9ctSfS9whvywVo57o4l1x9u4cjMiH1c3iG1MA2WUkcC68LbfGNP6LyVC1A6me6Bhan3OSufsUH-IvlrLJiO-LuJ9-nL8h6ArkupGW7JF-4EducxoXQwHobN-_E_maxFfdMLXLPOkDh3wsO8Y5Dqf1uKLcrMT3bh7TJ5WE835NhbITuqL1zNL-BWa5D1L6Nr_8m-MOuoVNwPEhRk2lRQJEyNrRsEeAxey9aEo-J-BMcWtKcq1z6PbdCPeW-T7JgWQH_H2Omc5aO672QtrxcZ3Q2SQ-5IyeI6zilow4CZ_nhPsmYoElHONXqribkLW4suog2vwoyhvWJy9sTsBHzw6

https://pics.chimeratool.com/.../chimera_drivers.exe

Scan chimera_drivers.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.