home

chunico3cd9.exe

Updater

E FRONTIER,INC.

This is a setup program which is used to install the application. The file has been seen being downloaded from www.e-frontier.co.jp.
Publisher:
E FRONTIER,INC.  (signed and verified)

Product:
Updater

Version:
1, 0, 0, 1

MD5:
758fc9821340967bea0721defb28342b

SHA-1:
886183932473fc0a19ff7b5965a74ae2707efdcf

SHA-256:
082cb3473cedb3ba46c29292c872ee89659fb3c58408794f807f413bc4693de5

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/1/2024 7:13:17 AM UTC  (today)

File size:
3.7 MB (3,909,744 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright (C) 1995-

Original file name:
Updater

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\chunico3cd9.exe

Digital Signature
Signed by:
E FRONTIER,INC.

Authority:
COMODO CA Limited

Valid from:
9/9/2015 9:00:00 AM

Valid to:
9/9/2016 8:59:59 AM

Subject:
CN="E FRONTIER,INC.", O="E FRONTIER,INC.", STREET="43-1, Enokicho", L=Shinjuku-Ku, S=Tokyo, PostalCode=162-0806, C=JP

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00D4BEB5588BE93FF025FADC27E3A45625

File PE Metadata
Compilation timestamp:
3/16/2016 4:06:39 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
98304:uPu00HKrKFWRldZbPDKzcMLohY/qBi826HthnXiy:MuzKrKFW/vrHdY/qY0thnSy

Entry address:
0x1596

Entry point:
6A, 00, FF, 15, 80, 40, 40, 00, 50, 6A, 00, 6A, 00, FF, 15, 7C, 40, 40, 00, 50, E8, 38, FF, FF, FF, C3, 8B, 44, 24, 04, 33, D2, 3B, C2, 74, 31, 8B, 48, 1C, 3B, CA, 74, 2A, 56, 89, 50, 14, 89, 50, 08, 89, 50, 18, 8B, 71, 0C, 52, F7, DE, 1B, F6, 50, 83, E6, 07, 89, 31, 8B, 40, 1C, FF, 70, 14, E8, AD, 04, 00, 00, 83, C4, 0C, 33, C0, 5E, C3, 6A, FE, 58, C3, 56, 8B, 74, 24, 08, 85, F6, 74, 30, 8B, 46, 1C, 85, C0, 74, 29, 83, 7E, 24, 00, 74, 23, 8B, 40, 14, 85, C0, 74, 09, 56, 50, E8, 97, 0D, 00, 00, 59, 59, FF...
 
[+]

Entropy:
7.9967

Packer / compiler:
FASM v1.3x

Code size:
12 KB (12,288 bytes)

The file chunico3cd9.exe has been seen being distributed by the following URL.

http://www.e-frontier.co.jp/chunico/3/support/.../Chunico3cd9.exe

Scan chunico3cd9.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.