chrome.exe

Cheng Du VTools Information Technology

The application chrome.exe by Cheng Du VTools Information Technology has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat. This file is typically installed with the program AccelerateTab by websecuritykeeper.com Inc., which is a potentially unwanted software program.
Publisher:
Cheng Du VTools Information Technology

Version:
2.0.0.740

MD5:
bf119eaeee2451fc9bd0912bfdc80adf

SHA-1:
5bcddfb379195bb0ddffbc54d1f20aa23074ca59

SHA-256:
cd219594daa16afff50842a7da4b27e32fb60c66462f86fc1ad2dfa5edb99720

Scanner detections:
1 / 68

Status:
Potentially unwanted

Note:
Our current pool of anti-malware engines has not detected this file; however, based on our own detection heuristics, we feel that this file is unwanted.

Analysis date:
4/25/2024 6:01:15 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP.ChengDuVToolsInformationTechnology

Engine version:
15.1.30.15

File size:
2.2 MB (2,340,176 bytes)

Product version:
1.0.0.0

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\secure speed dial\ie\adblock\ie\chrome.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
12/10/2011 7:00:00 PM

Valid to:
1/25/2014 6:59:59 PM

Subject:
CN=Cheng Du VTools Information Technology, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Cheng Du VTools Information Technology, L=ChengDu, S=SiChuan, C=CN

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1B5D68E0AFA12E8F1159C668DD228431

File PE Metadata
Compilation timestamp:
11/14/2013 9:46:33 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:Mm9koJpArEFXpgN8STlm8y0DYBHX9TmTHiBym:Mm9P2EFp2Pw84HX9Em

Entry address:
0x1C1E7C

Entry point:
55, 8B, EC, 83, C4, F0, 53, B8, 10, F2, 5B, 00, E8, 17, 72, E4, FF, E8, CA, 94, FF, FF, 84, C0, 75, 4D, A1, 90, 4E, 5D, 00, 8B, 00, 80, 78, 30, 00, 74, 10, A1, 90, 4E, 5D, 00, 8B, 00, E8, 4D, 16, F3, FF, 84, C0, 74, 0C, A1, 90, 4E, 5D, 00, 8B, 00, 8B, 10, FF, 52, 34, 8B, 0D, 08, 4A, 5D, 00, A1, 90, 4E, 5D, 00, 8B, 00, 8B, 15, F8, ED, 5B, 00, 8B, 18, FF, 53, 30, A1, 90, 4E, 5D, 00, 8B, 00, 8B, 10, FF, 52, 38, 5B, E8, 9F, 35, E4, FF, 8D, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Entropy:
6.6652

Developed / compiled with:
Microsoft Visual C++

Code size:
1.8 MB (1,838,080 bytes)

The file chrome.exe has been discovered within the following program.

AccelerateTab  by websecuritykeeper.com Inc.
Web Security Keeper is a browser add-on (extension) that is designed to help you detect malware sites and cyber attacks while you surf online. When you search on search engines, Web Security Keeper detects risky websites based on the search results.
www.websecuritykeeper.com
75% remove it
 