ChromeSetup.exe

First submission 2024-08-30 12:54:32

File details

File type: PE32 executable (GUI) Intel 80386, for MS Windows
Mime type: application/x-dosexec
File size: 58019.92 KB (59412397 bytes)
Compile time: 2022-10-09 08:52:38
MD5: 2abc1307d0bc2e5143adb001c3e5e222
SHA1: 4b6b79b1a4ad4dd44b3039ae3b6cd2fcef1ce89f
SHA256: f04c7fa12e7f9f1f966afdde13e01eab7d8ff7f9af825131bfa0741075da68e5
Import Hash: da98c6b87d3c014c0c71c23112b79521
Sections (7): .text .rdata .data .tls .gfids .rsrc .reloc
Directories (6): import resource debug tls relocation security

File features detected

Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR

URLs, FQDN and IP indicators 1

URL                                        Host (FQDN/IP)   Date Added
hXXp://112.67.250.50:779/ChromeSetup.exe   112.67.250.50    2024-08-30 12:54:32

PE Sections 1 suspicious

Name     VAddress   VSize      Size      SHA1                                       MD5                               Suspicious
.text    0x1000     0x48cb1    298496    1c251589208e5d537237631ab1a15c81c298f215   df4fa3de2073cc64660c0e56c6b8afff
.rdata   0x4a000    0x2792a    162304    30dab3ec5f00df86912c3f74357923bfd36165bd   9d1ed26688723164982db27405850cd7
.data    0x72000    0x2a5c     6656      3e75d096e5f4774de599cb3741bc68558a598696   e10c05308b2b4249d1a8cd946e14ea21
.tls     0x75000    0x9        512       aa0d33a0c854e073439067876e932688b65cb6a9   1f354d76203061bfdd5a53dae48d5435
.gfids   0x76000    0x89c      2560      a95232adf7da2e3948a0704a1f394dec57d65616   2fc890d4a1b76919647e3ff58f74ad15
.rsrc    0x77000    0x114990   1133056   033d5384012b615c6b15f110727acb674944d893   10223237aa180d111aea3992fe504305
.reloc   0x18c000   0x3a60     15360     6f20b898691991cac84923642d2185423f2a8256   607dcc2084190dfae9a898041c5873b6

PE Resources 5

Name            Language       Sublanguage                  Offset     Size     Data
BINARY          LANG_CHINESE   SUBLANG_CHINESE_SIMPLIFIED   0x1566f0   163840
RT_ICON         LANG_CHINESE   SUBLANG_CHINESE_SIMPLIFIED   0x184168   30269
RT_GROUP_ICON   LANG_CHINESE   SUBLANG_CHINESE_SIMPLIFIED   0x18b7a8   104
RT_VERSION      LANG_CHINESE   SUBLANG_CHINESE_SIMPLIFIED   0x17e6f0   772
RT_MANIFEST     LANG_ENGLISH   SUBLANG_ENGLISH_US           0x18b810   381

Meta info 9

LegalCopyright: Copyright 2022 Google LLC. All rights reserved.
InternalName: chrome.exe
FileVersion: 103.0.5060.66
CompanyName: Google
ProductVersion: 103.0.5060.66
FileDescription: Google Chrome
Translation: 0x0804 0x04b0
OriginalFilename: chrome.exe
ProductName: Google Chrome

Packers detected 2

Microsoft Visual C++ 8
VC8 -> Microsoft Corporation

Anti debug functions 6

GetLastError
IsDebuggerPresent
IsProcessorFeaturePresent
RaiseException
TerminateProcess
UnhandledExceptionFilter

Anti VM tricks 3

VirtualBox
VMCheck.dll
Bochs & QEMU CPUID Trick

File signature

MD5                                SHA1                                       Block size   Virtual Address
d41d8cd98f00b204e9800998ecf8427e   da39a3ee5e6b4b0d3255bfef95601890afd80709   13304        92928752

Strings analysis - File found

XML
n[TOC].xml
].xml
Database
S@.dB
CaUQ|.dB
pA.dB
Adobe Flash
d~.swf
Text
string.txt
Library
mscoree.dll
7-Zip cannot load Mapi32.dll
Gkernel32.dll
7za.dll
MAPI32.dll
ADVAPI32.dll
MSVCRT.dll
SHELL32.dll
USER32.dll
7z.dll
ole32.dll
OLEAUT32.dll
KERNEL32.dll

Import functions