Hello! Just a short note on a publisher called Alpha Superb (Fried Cookie Ltd.).
You will see “Alpha Superb” appear when clicking on the file. If you are using one of the later versions of Windows, you will probably see the “Windows protected your PC” warning pop up.
You can also check the digital signature under the file’s properties.. The screenshot below shows the Alpha Superb (Fried Cookie Ltd.) certificate. From the certificate info we can see that Alpha Superb (Fried Cookie Ltd.) appears to be located in Tel Aviv in Israel.
GlobalSign has issued the certificate.
What caught my attention was that the download was called chrome-download.exe. This might look like an official Google Chrome download, but it is not. If it was an official download, it should have been signed by Google Inc.. Here’s how the authentic Google Chrome looks like when you double click on it. Notice that the “Verified publisher” says “Google Inc”.
PUP.Optional.InstallCore, Install Core Click run software (PUA) and InstallCore (fs) are some detection names according to VirusTotal:
Did you also find a Alpha Superb (Fried Cookie Ltd.) file? Do you remember where you downloaded it?
Thanks for reading.