home

chmdecoder.exe

CHM Decoder

Gridinsoft, LLC

Publisher:
GridinSoft  (signed by Gridinsoft, LLC)

Product:
CHM Decoder

Description:
http://gridinsoft.com/chm.php

Version:
2.2.0.0

MD5:
b65707cea5c8bee068ee0dad4332ded7

SHA-1:
61c940f7f3e7d342d1c88118b87a4bd342052e3d

SHA-256:
45f5e26f91c0026ba87265eb13fa83ddb9d8e447c5a83581bb7af1d76825053a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 2:32:48 AM UTC  (today)

File size:
2.7 MB (2,788,096 bytes)

Product version:
2.2

Copyright:
2003-2014 © GridinSoft LLC. All rights reserved

File type:
Executable application (Win32 EXE)

Language:
Russian (Russia)

Common path:
C:\users\{user}\downloads\chmdecoder.exe

Digital Signature
Signed by:
Gridinsoft, LLC

Authority:
VeriSign, Inc.

Valid from:
12/12/2011 8:00:00 AM

Valid to:
1/13/2015 7:59:59 AM

Subject:
CN="Gridinsoft, LLC", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Gridinsoft, LLC", L=Kiev, S=Kiev, C=UA

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
065DF919B8A90A37DEB26750CBB3BBD3

File PE Metadata
Compilation timestamp:
3/13/2014 10:54:06 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:4yNUoRXwLmuen7ORTJIfbgSBemLslH/04RSTHDN986:JNfuen7OtJS4Ruh

Entry address:
0x209A64

Entry point:
55, 8B, EC, 83, C4, F0, B8, F0, F2, 5F, 00, E8, 40, 17, E0, FF, A1, AC, 3A, 61, 00, 8B, 00, E8, 64, CD, F8, FF, A1, AC, 3A, 61, 00, 8B, 00, BA, C8, 9A, 60, 00, E8, 4F, C7, F8, FF, 8B, 0D, 70, 36, 61, 00, A1, AC, 3A, 61, 00, 8B, 00, 8B, 15, 8C, D3, 5F, 00, E8, 53, CD, F8, FF, A1, AC, 3A, 61, 00, 8B, 00, E8, AB, CE, F8, FF, E8, E6, D3, DF, FF, 00, 00, B0, 04, 02, 00, FF, FF, FF, FF, 0B, 00, 00, 00, 43, 00, 48, 00, 4D, 00, 20, 00, 44, 00, 65, 00, 63, 00, 6F, 00, 64, 00, 65, 00, 72, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.5688

Developed / compiled with:
Microsoft Visual C++

Code size:
2 MB (2,132,480 bytes)

The file chmdecoder.exe has been seen being distributed by the following 3 URLs.

http://files.downloadnow.com/s/software/13/65/13/.../chmdecoder.exe

http://software-files-a.cnet.com/s/software/13/65/13/.../chmdecoder.exe

http://gridinsoft.com/download.php?chm

Scan chmdecoder.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.