CEUpdater.exe

File details
File type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 5312.50 KB (5440000 bytes)
Compile time: 2083-03-10 21:17:01
MD5: b36a396dd00dc57c472475165f742c63
SHA1: 80d3e36e51a32501deb73e1ecb8a34877228a828
SHA256: 67acddda7726183db30ad749cbc2a8ac1929d9c50bc3d1ef7f60852f57b879a9
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 3 .text .rsrc .reloc
Directories 4 import resource debug relocation
Anti Virtual Machine 2 VMCheck.dll Bochs & QEmu CPUID Trick
First submission: 2020-10-16 02:51:09
Last submission: 2020-10-16 06:27:08
Filename detected: - CEUpdater.exe (2)
URL file hosting
hXXp://getapp.bonanzoro.com/up/dl/1576740781970921/CEUpdater.exe?e=1FABFBFF000306F06000c293547b51c2a2e76097b4d503fc005056A986B5&a=1495373619430762&bn=bonanzoro&s=TERSER_TUDE_LTD_SIGNATURE/
hXXps://getapp.bonnapatit.com/up/dl/1576740781970921/CEUpdater.exe
Antivirus Report
Report Date Detection Ratio Permalink Update
No report available
PE Sections 2 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x2000 0x52f7f4 5437440 15c9abd41780e6d7c2396529c757a0c1 0f0fcd24775a360e28985acde11e601735de7153
.rsrc 0x532000 0x5cc 1536 f275810a5ea86e60ca50b731671ec8df fec5313c2b951cb137765e7ae8e24158feafd2bf
.reloc 0x534000 0xc 512 1f9f596956b615a956627875c40618b7 4973367ec70ff55dd4632c36052682b7268e6123
Meta Info
No Meta found in this file
XOR
No XOR information found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C# / Basic .NET
Microsoft Visual Studio .NET
.NET executable
Microsoft Visual C# v7.0 / Basic .NET
File found
File type: Library
mscoree.dll
costura32.sqlite.interop.dll
SQLite.Interop.dll
costura64.sqlite.interop.dll
ADVAPI32.dll
KERNEL32.dll
USER32.dll
IP Found
No IP detected
URL(s)
file:///
https://www.sqlite.org/copyright.html
http://imp.
http://inf.
http://google.com/generate_204
http://lgc.

TheSystem Itself @ 2020-10-16 02:51:11