CreamAPI_CSharp[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

CreamAPI_CSharp.exe
Size

1.3MB
MD5

e2972a5d2bc16857ad02c3e852e247b3
SHA1

c9b7f7097c8d116cb8abf318102918d148cc42d4
SHA256

a8ba4b1e371e8ec3246ca984bc6d5a90450c68034da7226e2d8a8a4c87ead2d1
SHA512

e2cca6f1964f79f8011156d1e5124cee638e958c4f0344bf18d3587f5a21fe9872a05ba95268926825438fc9f9c9baa6293f1d6d7e1188075fb8bb43c67ff3e0
SSDEEP

24576:g4aANwQ3Pcwdk8Z95LybHIFGMr/FS69ohhjG+asI9fIM0G0jHD:baswyPW8Z95LyDfMREABIVGAH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
CreamAPI_CSharp.exe

Files

CreamAPI_CSharp.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 228KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ