home

chromas231.exe

Technelysium Pty Ltd

This is a setup program which is used to install the application. The file has been seen being downloaded from www.sequencing.co.kr.
Publisher:
Technelysium Pty Ltd  (signed and verified)

MD5:
e15c1be47dfd725dac0fc3ed067b89ce

SHA-1:
444555ebcf2a6cf8d09c560e24b34de1db5f3888

SHA-256:
3e30a83d4ee59fb4f265d1cede0fdc4c2c6431dc2e60cedf021f86537b209b09

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/1/2025 3:15:14 PM UTC  (today)

File size:
263.5 KB (269,808 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\chromas231.exe

Digital Signature
Signed by:
Technelysium Pty Ltd

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
4/12/2005 4:58:02 PM

Valid to:
4/12/2006 4:58:02 PM

Subject:
CN=Technelysium Pty Ltd, OU=Secure Application Development, O=Technelysium Pty Ltd, L=Tewantin, S=Queensland, C=AU

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
210DAC

File PE Metadata
Compilation timestamp:
4/15/2005 11:12:10 AM

OS version:
1.11

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.18

CTPH (ssdeep):
6144:BOF7u/K/e7bgg2QoXPK6v4wHw8nHG94PSJHnhOUXfsOOy:BylEkg2B/LQwHw7OUH8UXkVy

Entry address:
0x2865

Entry point:
51, 52, 6A, 01, 2E, FF, 15, C0, 41, 40, 00, 50, 6A, 00, 6A, 00, 2E, FF, 15, D4, 41, 40, 00, 50, E8, 0B, 00, 00, 00, 50, 2E, FF, 15, BC, 41, 40, 00, 5A, 59, C3, 53, 55, 89, E5, 68, 2C, 01, 00, 00, 68, 54, 65, 40, 00, FF, 75, 0C, 2E, FF, 15, D0, 41, 40, 00, BA, 5C, 00, 00, 00, B8, 54, 65, 40, 00, E8, 42, F8, FF, FF, 85, C0, 75, 0F, BA, 3A, 00, 00, 00, B8, 54, 65, 40, 00, E8, 2F, F8, FF, FF, 85, C0, 75, 07, B8, 54, 65, 40, 00, EB, 01, 40, 50, 68, 50, 64, 40, 00, 2E, FF, 15, 08, 42, 40, 00, BA, 00, 00, 00, 80...
 
[+]

Entropy:
7.9576  (probably packed)

Code size:
11.5 KB (11,776 bytes)

The file chromas231.exe has been seen being distributed by the following URL.

http://www.sequencing.co.kr/.../chromas231.exe

Scan chromas231.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.