home

chromaspro142.exe

Technelysium Pty Ltd

This is a setup program which is used to install the application. The file has been seen being downloaded from drive.google.com.
Publisher:
Technelysium Pty Ltd  (signed and verified)

MD5:
b3b6f725d5d1d5723de63911aa153449

SHA-1:
5031f6acab5934ddbaf96eb7a4fc52a207c66aea

SHA-256:
82b1d9cf208e79824dbcbc761b9fdf77a49a5665f201359f98d36f825da916c3

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/1/2025 3:15:05 PM UTC  (today)

File size:
466.5 KB (477,704 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\chromaspro142.exe

Digital Signature
Signed by:
Technelysium Pty Ltd

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
3/12/2008 1:00:00 AM

Valid to:
4/12/2010 1:59:59 AM

Subject:
CN=Technelysium Pty Ltd, OU=SECURE APPLICATION DEVELOPMENT, O=Technelysium Pty Ltd, L=Tewantin, S=Queensland, C=AU

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
6309749E5AFF9BFE969E5D4942A4F713

File PE Metadata
Compilation timestamp:
4/14/2005 8:55:46 AM

OS version:
1.11

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.18

CTPH (ssdeep):
12288:tFPll21yahPpS721j0kAgfyTEonVf46h2zmIPz:/Pj21vh1u8oV46hWPPz

Entry address:
0x2865

Entry point:
51, 52, 6A, 01, 2E, FF, 15, C4, 41, 40, 00, 50, 6A, 00, 6A, 00, 2E, FF, 15, D8, 41, 40, 00, 50, E8, 0B, 00, 00, 00, 50, 2E, FF, 15, C0, 41, 40, 00, 5A, 59, C3, 53, 55, 89, E5, 68, 2C, 01, 00, 00, 68, 54, 65, 40, 00, FF, 75, 0C, 2E, FF, 15, D4, 41, 40, 00, BA, 5C, 00, 00, 00, B8, 54, 65, 40, 00, E8, 42, F8, FF, FF, 85, C0, 75, 0F, BA, 3A, 00, 00, 00, B8, 54, 65, 40, 00, E8, 2F, F8, FF, FF, 85, C0, 75, 07, B8, 54, 65, 40, 00, EB, 01, 40, 50, 68, 50, 64, 40, 00, 2E, FF, 15, 10, 42, 40, 00, BA, 00, 00, 00, 80...
 
[+]

Code size:
11.5 KB (11,776 bytes)

The file chromaspro142.exe has been seen being distributed by the following URL.

https://drive.google.com/uc?id=0B1OXu89lho48SEpXRHhGTlFDdWc&export=download

Scan chromaspro142.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.