chrome_update.exe

VNBMDLS

The executable chrome_update.exe has been detected as malware by 21 anti-virus scanners. This is a setup program which is used to install the application. According to AVG, this software downloads additional adware offers during setup. The file has been seen being downloaded from gridunesp.unesp.br.
Product:
VNBMDLS

Version:
1.2.1.2

MD5:
770171ccd0cc55854af909f6dc95b19c

SHA-1:
09c1b204ac39ce5edcd096d4790c970838e7529f

SHA-256:
a58ffcad717683495db8440cb56eac3a4d2c8f2378a52754a78452e0820b5664

Scanner detections:
21 / 68

Status:
Malware

Analysis date:
5/7/2024 11:02:11 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Trojan.GenericKD.2701798 | 392 |
| Avira AntiVirus | TR/Agent.75264.201 | 8.3.2.2 |
| Arcabit | Trojan.Generic.D2939E6 | 1.0.0.545 |
| avast! | Win32:Dropper-gen [Drp] | 2014.9-160109 |
| AVG | Downloader.Generic14 | 2017.0.2870 |
| Bitdefender | Trojan.GenericKD.2701798 | 1.0.20.45 |
| Emsisoft Anti-Malware | Trojan.GenericKD.2701798 | 8.16.01.09.05 |
| Fortinet FortiGate | W32/Banloa.BZU!tr | 1/9/2016 |
| F-Secure | Trojan.GenericKD.2701798 | 11.2016-09-01_7 |
| G Data | Trojan.GenericKD.2701798 | 16.1.25 |
| K7 AntiVirus | Riskware | 13.210.17268 |
| Kaspersky | UDS:DangerousObject.Multi.Generic | 14.0.0.844 |
| McAfee | Generic Downloader.z | 5600.6526 |
| Microsoft Security Essentials | Trojan:Win32/Skeeyah.A!bit | 1.1.12101.0 |
| MicroWorld eScan | Trojan.GenericKD.2701798 | 17.0.0.27 |
| NANO AntiVirus | Trojan.Win32.Agent.dwvnwq | 0.30.24.3283 |
| nProtect | Trojan.GenericKD.2701798 | 15.09.18.01 |
| Qihoo 360 Security | HEUR/QVM03.0.Malware.Gen | 1.0.0.1015 |
| Sophos | Troj/Banloa-BZU | 4.98 |
| Trend Micro | TROJ_GEN.R00JC0EI815 | 10.465.09 |
| VIPRE Antivirus | Trojan.Win32.Generic | 43880 |

File size:
73.5 KB (75,264 bytes)

Product version:
1.2.1.2

Copyright:
Copyright © 2015

Original file name:
VNBMDLS.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\chrome_update.exe

File PE Metadata
Compilation timestamp:
9/2/2015 10:34:19 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
768:PSYvNjIz2MvqG1KsHmkgvusTpN+4+MTNlhoxNIdi/hHq7/fAdTjXOq2tAPmbUvVk:PoqeK3x318Mjmx+d21zdH+qi5IvsTjp

Entry address:
0x1364E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
70 KB (71,680 bytes)

The file chrome_update.exe has been seen being distributed by the following URL.
