File name: | Chimera tool crack.exe |
Full analysis: | https://app.any.run/tasks/f0fc5be9-e1a5-41c2-80ea-05b93516bcd3 |
Verdict: | No threats detected |
Analysis date: | February 27, 2020, 19:14:34 |
OS: | Windows 7 Professional Service Pack 1 (build: 7601, 32 bit) |
Indicators: | |
MIME: | application/x-dosexec |
File info: | PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed |
MD5: | 9BB699B6BB677EB47B1AAD232DA18AFC |
SHA1: | C59E3341210BB4391F4B44BB7D2F0FB6E189E521 |
SHA256: | 1EAB59A25B98415E4C42D1AB929951725C9BFCDE096709D5A39400FDE505D7C6 |
SSDEEP: | 196608:MJC448Tdqth/ZGtPdqodWCU++tBKmaCtzaPq2kQcn1Mav:MB48TMt5Ejg+Pm/eC2kZj |
.exe | | | UPX compressed Win32 Executable (76) |
---|---|---|
.exe | | | Win32 Executable (generic) (12.6) |
.exe | | | Generic Win/DOS Executable (5.6) |
.exe | | | DOS Executable Generic (5.6) |
ProductName: | Chimera Installer |
---|---|
OriginalFileName: | ChimeraInstaller.exe |
LegalCopyright: | Copyright (C) 2016 Euroserver Sro. |
InternalName: | chimeraInstaller |
FileDescription: | Chimera mobile tool installer |
CompanyName: | Euroserver Sro. |
CharacterSet: | Unicode |
LanguageCode: | English (U.S.) |
FileSubtype: | - |
ObjectFileType: | Executable application |
FileOS: | Win32 |
FileFlags: | (none) |
FileFlagsMask: | 0x0017 |
ProductVersionNumber: | 1.1.1523.0 |
FileVersionNumber: | 1.1.1523.0 |
Subsystem: | Windows GUI |
SubsystemVersion: | 5.1 |
ImageVersion: | - |
OSVersion: | 5.1 |
EntryPoint: | 0x1ae0520 |
UninitializedDataSize: | 20320256 |
InitializedDataSize: | 86016 |
CodeSize: | 7864320 |
LinkerVersion: | 14 |
PEType: | PE32 |
TimeStamp: | 2018:09:19 15:27:08+02:00 |
MachineType: | Intel 386 or later, and compatibles |
Architecture: | IMAGE_FILE_MACHINE_I386 |
---|---|
Subsystem: | IMAGE_SUBSYSTEM_WINDOWS_GUI |
Compilation Date: | 19-Sep-2018 13:27:08 |
Detected languages: |
|
CompanyName: | Euroserver Sro. |
FileDescription: | Chimera mobile tool installer |
InternalName: | chimeraInstaller |
LegalCopyright: | Copyright (C) 2016 Euroserver Sro. |
OriginalFilename: | ChimeraInstaller.exe |
ProductName: | Chimera Installer |
Magic number: | MZ |
---|---|
Bytes on last page of file: | 0x0090 |
Pages in file: | 0x0003 |
Relocations: | 0x0000 |
Size of header: | 0x0004 |
Min extra paragraphs: | 0x0000 |
Max extra paragraphs: | 0xFFFF |
Initial SS value: | 0x0000 |
Initial SP value: | 0x00B8 |
Checksum: | 0x0000 |
Initial IP value: | 0x0000 |
Initial CS value: | 0x0000 |
Overlay number: | 0x0000 |
OEM identifier: | 0x0000 |
OEM information: | 0x0000 |
Address of NE header: | 0x00000130 |
Signature: | PE |
---|---|
Machine: | IMAGE_FILE_MACHINE_I386 |
Number of sections: | 3 |
Time date stamp: | 19-Sep-2018 13:27:08 |
Pointer to Symbol Table: | 0x00000000 |
Number of symbols: | 0 |
Size of Optional Header: | 0x00E0 |
Characteristics: |
|
Name | Virtual Address | Virtual Size | Raw Size | Characteristics | Entropy |
---|---|---|---|---|---|
UPX0 | 0x00001000 | 0x01361000 | 0x00000000 | IMAGE_SCN_CNT_UNINITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE | 0 |
UPX1 | 0x01362000 | 0x00780000 | 0x0077F200 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE | 7.99998 |
.rsrc | 0x01AE2000 | 0x00015000 | 0x00014E00 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE | 3.40253 |
Title | Entropy | Size | Codepage | Language | Type |
---|---|---|---|---|---|
1 | 4.89623 | 392 | UNKNOWN | English - United States | RT_MANIFEST |
2 | 3.42291 | 9640 | UNKNOWN | English - United States | RT_ICON |
3 | 3.90194 | 4264 | UNKNOWN | English - United States | RT_ICON |
4 | 3.77437 | 1128 | UNKNOWN | English - United States | RT_ICON |
IDI_ICON1 | 2.65982 | 62 | UNKNOWN | English - United States | RT_GROUP_ICON |
ADVAPI32.dll |
CRYPT32.dll |
GDI32.dll |
IMM32.dll |
IPHLPAPI.DLL |
KERNEL32.DLL |
OLEAUT32.dll |
SHELL32.dll |
USER32.dll |
UxTheme.dll |
PID | CMD | Path | Indicators | Parent process |
---|---|---|---|---|
1888 | "C:\Users\admin\AppData\Local\Temp\Chimera tool crack.exe" | C:\Users\admin\AppData\Local\Temp\Chimera tool crack.exe | — | explorer.exe |
User: admin Company: Euroserver Sro. Integrity Level: MEDIUM Description: Chimera mobile tool installer Exit code: 3221226540 |
3852 | "C:\Users\admin\AppData\Local\Temp\Chimera tool crack.exe" | C:\Users\admin\AppData\Local\Temp\Chimera tool crack.exe | | explorer.exe |
User: admin Company: Euroserver Sro. Integrity Level: HIGH Description: Chimera mobile tool installer Exit code: 0 |
(PID) Process: | (3852) Chimera tool crack.exe | Key: | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\TrustedPublisher\Certificates\3F369FEC1EA4B285A44F3AD935922B152D7C68AC |
Operation: | write | Name: | Blob |
(PID) Process: | (3852) Chimera tool crack.exe | Key: | HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\TrustedPublisher\Certificates\A7E3A467024FFA1DCE74842C491E6BBAAE6123C7 |
Operation: | write | Name: | Blob |
(PID) Process: | (3852) Chimera tool crack.exe | Key: | HKEY_CURRENT_USER\Software\Microsoft\Direct3D\MostRecentApplication |
Operation: | write | Name: | Name |
Value: Chimera tool crack.exe |
PID | Process | Filename | Type | |
---|---|---|---|---|
3852 | Chimera tool crack.exe | C:\Users\admin\AppData\Local\Chimera tool crack\cache\qmlcache\619572f4c59c16656b0e91e66eead08b0e301f06.jsc.Hp3852 | — | |
MD5:— | SHA256:— | |||
3852 | Chimera tool crack.exe | C:\Users\admin\AppData\Local\Chimera tool crack\cache\qmlcache\116d9014284e9a310aa20bd041d1b09d87828908.qmlc.gq3852 | — | |
MD5:— | SHA256:— | |||
3852 | Chimera tool crack.exe | C:\Users\admin\AppData\Local\Chimera tool crack\cache\qmlcache\9779a7429fce2510e47ce1a9b32b01bfc446a599.jsc.Uh3852 | — | |
MD5:— | SHA256:— | |||
3852 | Chimera tool crack.exe | C:\Users\admin\AppData\Local\Chimera tool crack\cache\qmlcache\9764a0cf7398d05f1f046dc0c358adf765f28657.jsc.em3852 | — | |
MD5:— | SHA256:— | |||
3852 | Chimera tool crack.exe | C:\Users\admin\AppData\Local\Chimera tool crack\cache\qmlcache\e4ef80837691d5be54fee0047ddf51951a963467.jsc.Ya3852 | — | |
MD5:— | SHA256:— | |||
3852 | Chimera tool crack.exe | C:\Users\admin\AppData\Local\Chimera tool crack\cache\qmlcache\c45e0a706eb6ccbb094e556ff56d02266ca8f60c.qmlc.Nl3852 | — | |
MD5:— | SHA256:— | |||
3852 | Chimera tool crack.exe | C:\Users\admin\AppData\Local\Chimera tool crack\cache\qmlcache\0c2d95c87a236693664d20d984984588e966f794.qmlc.fl3852 | — | |
MD5:— | SHA256:— | |||
3852 | Chimera tool crack.exe | C:\Users\admin\AppData\Local\Chimera tool crack\cache\qmlcache\dac78e7439a11db55d0fbbdd60140015dfa4b0b4.qmlc.Xd3852 | — | |
MD5:— | SHA256:— | |||
3852 | Chimera tool crack.exe | C:\Users\admin\AppData\Local\Chimera tool crack\cache\qmlcache\60275f5f6e33c334fc27395521c9281b31d7c5ab.qmlc.if3852 | — | |
MD5:— | SHA256:— | |||
3852 | Chimera tool crack.exe | C:\Users\admin\AppData\Local\Chimera tool crack\cache\qmlcache\3e4786d371c2e5b0db9f303612e17ec725a7c34b.qmlc.cr3852 | — | |
MD5:— | SHA256:— |
PID | Process | IP | Domain | ASN | CN | Reputation |
---|---|---|---|---|---|---|
3852 | Chimera tool crack.exe | 104.20.78.245:443 | chimeratool.com | Cloudflare Inc | US | shared |
Domain | IP | Reputation |
---|---|---|
chimeratool.com | | whitelisted |
Process | Message |
---|---|
Chimera tool crack.exe | QWindowsEGLStaticContext::doTest: Failed to load and resolve libEGL functions |
Chimera tool crack.exe | QWindowsEGLStaticContext::doTest: Failed to load and resolve libEGL functions |