chromiumupdate.exe

Chromium

Fuyuan Zhou

The application chromiumupdate.exe by Fuyuan Zhou has been detected as adware by 1 anti-malware scanner, with very strong indications that the file is a potential threat. It runs as a Windows Task Scheduler task named ChromiumUpdateTaskMachineCore, triggered by a time event.
Publisher:
Fuyuan Zhou (signed and verified)

Product:
Chromium

Version:
1.0.0.1

MD5:
c256c1c460a4f9869641ee920b33c2ac

SHA-1:
652f30955beea428d3bc56027d59ffd06717fc95

SHA-256:
5c30833243ae72c1d5ac57f0bb3cf451672d2dec2fded85cbeeb0319753ac4ce

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines has not currently detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
12/25/2024 5:22:30 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.FuyuanZh (M)

Engine version:
16.7.6.13

File size:
538.9 KB (551,808 bytes)

Product version:
51.0.2704.67

Copyright:
Copyright (C) 2016 Chromium Authors

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\chromium\update\chromiumupdate.exe

Digital Signature
Signed by:

Authority:
thawte, Inc.

Valid from:
6/30/2016 9:00:00 PM

Valid to:
6/21/2017 8:59:59 PM

Subject:
CN=Fuyuan Zhou, OU=Individual Developer, O=No Organization Affiliation, L=Beijing, S=Beijing, C=CN

Issuer:
CN=thawte SHA256 Code Signing CA, O="thawte, Inc.", C=US

Serial number:
4A7ABA23225E999B2DA6A856853C0E31

File PE Metadata
Compilation timestamp:
6/30/2016 11:32:13 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
14.0

CTPH (ssdeep):
6144:YOv3+2ouQtR4CM00Iqt6aknGRbRBwh81HyAG6Lg3gc7afcB3g2ZZtgrWwPk/PCFF:YptR4uX2Tf1HvGN3dSceItSMlpk3

Entry address:
0x46490

Entry point:
AF, B2, 6E, 00, 00, A9, C7, AF, 94, B5, B4, 65, 8B, C2, 2D, 00, C0, 0D, B3, 35, E2, 47, 00, 00, 00, 00, 32, 15, 14, 1E, 1C, DA, 8E, 17, 1A, B2, 84, 01, 0F, B5, 7E, 00, 00, 00, 00, C7, 0F, 64, 4B, 7A, 0F, 6E, 47, 13, 11, 06, E2, 62, C0, A8, E6, ED, 7A, 02, 00, 73, 82, 01, 94, 3F, B7, 87, 02, AD, 94, B5, B4, BF, CA, 14, 9F, 2E, E8, 00, 00, 00, 00, B8, 88, 10, 23, AE, 5E, 00, 00, 00, 00, DC, 2F, 6E, 47, 6B, 23, 75, 67, 19, 1D, 17, CE, 79, E0, A2, EA, FC, 56, 19, 00, 79, 8E, 10, CE, 34, 9B, B5, 3E, BC, 80, 14...
 

Code size:
413.5 KB (423,424 bytes)

Scheduled Task
Task name:
ChromiumUpdateTaskMachineCore

Trigger:
Time

