chrome_update.exe

zspeceb

The executable chrome_update.exe has been detected as malware by 26 anti-virus scanners. It is a setup program used to install the application. According to AVG, this software downloads additional adware offers during setup. The file has been observed being downloaded from grc.unesp.br and multiple other hosts.

Product: zspeceb
Version: 1.1.1.1
MD5: d34f684fbe92e32df2eee75f1880b914
SHA-1: 3d77c4942147f72870e48705eaecd48c1c251e3d
SHA-256: b020aa8b1bc74619f99c532259f5a904645a2a5013141f391856015004839c8e
Scanner detections: 26 / 68
Status: Malware
Analysis date: 12/26/2024 2:16:22 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Trojan.GenericKD.2926621 | 389 |
| Avira AntiVirus | TR/Dropper.MSIL.236964 | 8.3.2.4 |
| Arcabit | Trojan.Generic.D2CA81D | 1.0.0.637 |
| avast! | Win32:Malware-gen | 2014.9-160112 |
| AVG | Downloader.MSIL | 2017.0.2867 |
| Baidu Antivirus | Trojan.MSIL.Banload | 4.0.3.16112 |
| Bitdefender | Trojan.GenericKD.2926621 | 1.0.20.60 |
| Comodo Security | UnclassifiedMalware | 23830 |
| Emsisoft Anti-Malware | Trojan.GenericKD.2926621 | 8.16.01.12.10 |
| ESET NOD32 | MSIL/TrojanDownloader.Banload.FL (variant) | 10.12766 |
| Fortinet FortiGate | MSIL/Banload.FL!tr.dldr | 1/12/2016 |
| F-Secure | Trojan.GenericKD.2926621 | 11.2016-12-01_3 |
| G Data | Trojan.GenericKD.2926621 | 16.1.25 |
| IKARUS anti.virus | Trojan-Downloader.MSIL.Banload | t3scan.1.9.5.0 |
| K7 AntiVirus | Trojan-Downloader | 13.212.18194 |
| Kaspersky | UDS:DangerousObject.Multi.Generic | 14.0.0.828 |
| McAfee | RDN/Generic Downloader.x | 5600.6523 |
| Microsoft Security Essentials | TrojanDownloader:Win32/Banload!rfn | 1.1.12400.0 |
| MicroWorld eScan | Trojan.GenericKD.2926621 | 17.0.0.36 |
| NANO AntiVirus | Trojan.Win32.Banload.dziiqx | 1.0.14.5317 |
| nProtect | Trojan.GenericKD.2926621 | 15.12.23.01 |
| Panda Antivirus | Trj/CI.A | 16.01.12.10 |
| Rising Antivirus | PE:Malware.Generic/QRS!1.9E2D [F] | 23.00.65.16110 |
| Sophos | Mal/Generic-S | 4.98 |
| Trend Micro | TROJ_GEN.R00XC0CLI15 | 10.465.12 |
| VIPRE Antivirus | Trojan.Win32.Generic | 45948 |

File size: 28 KB (28,672 bytes)
Product version: 1.1.1.1
Copyright: Copyright © 2015
Original file name: LDRE.exe
File type: Executable application (Win32 EXE)
Language: Language Neutral
Common path: C:\users\{user}\downloads\chrome_update.exe

File PE Metadata
Compilation timestamp: 12/14/2015 1:30:52 AM
OS version: 4.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 11.0
.NET CLR dependent: Yes
CTPH (ssdeep): 768:OMWcLjRQbXIYcha4xpEMdzLjyPFN1z34zySq/Y:O9B3GeIzylY
Entry address: 0x873E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with: Microsoft Visual C# / Basic .NET
Code size: 26 KB (26,624 bytes)

The file chrome_update.exe has been seen being distributed by the following 2 URLs.

http://grc.unesp.br/.../chrome_update.exe
