delegate_execute.exe

Chromium

CLARALABSOFTWARE

The application delegate_execute.exe by CLARALABSOFTWARE has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
The Chromium Authors  (signed by CLARALABSOFTWARE)

Product:
Chromium

Version:
42.0.2311.95

MD5:
d4d41b4a364fed4a71641cd6fe4c89ab

SHA-1:
f60d6452efbe1403f90fd77a15b30f1ba9f610e6

SHA-256:
753b623f4daa33e2586cd25ad4ce6968b971afeacbe5248d2538ec540cf5c72d

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
12/24/2024 1:38:53 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.CLARALAB (M)
16.6.7.4

File size:
624.9 KB (639,912 bytes)

Product version:
42.0.2311.95

Copyright:
Copyright 2014 The Chromium Authors. All rights reserved.

Original file name:
delegate_execute.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\beaglebrowser\application\42.0.2311.95\delegate_execute.exe

Digital Signature
Authority:
GoDaddy.com, Inc.

Valid from:
12/17/2014 3:11:04 PM

Valid to:
12/17/2015 3:11:04 PM

Subject:
CN=CLARALABSOFTWARE, O=CLARALABSOFTWARE, L=Paris, C=FR

Issuer:
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

Serial number:
2B0709ADBE1F3C

File PE Metadata
Compilation timestamp:
8/12/2015 5:33:06 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
12288:USs9rXhP7faVINLwPXMB5UwjlIyqqaGkBFmAU45h8S8xSzHsgCEpP+Aoz37:glyyNjBCfiK3p2Ao3

Entry address:
0x30E9F

Entry point:
E8, 35, CF, 00, 00, E9, 7F, FE, FF, FF, 55, 8B, EC, 8B, 55, 0C, A1, 08, 62, 49, 00, F7, D2, 8B, 4D, 08, 23, D0, 23, 4D, 0C, 0B, D1, 89, 15, 08, 62, 49, 00, 5D, C3, E8, A0, 08, 00, 00, 85, C0, 74, 08, 6A, 16, E8, BE, 08, 00, 00, 59, F6, 05, 08, 62, 49, 00, 02, 74, 21, 6A, 17, E8, 49, FA, 01, 00, 85, C0, 74, 05, 6A, 07, 59, CD, 29, 6A, 01, 68, 15, 00, 00, 40, 6A, 03, E8, BF, F5, FF, FF, 83, C4, 0C, 6A, 03, E8, C9, 24, 00, 00, CC, 55, 8B, EC, 8D, 45, 14, 50, 6A, 00, FF, 75, 10, FF, 75, 0C, FF, 75, 08, E8, 2C...
 
[+]

Code size:
319 KB (326,656 bytes)

Remove delegate_execute.exe - Powered by Reason Core Security