home

cheesecubev1-byzk.exe

The program is a setup application that uses the NSIS (Nullsoft Scriptable Install System) installer. The file has been seen being downloaded from mega.nz and multiple other hosts.
MD5:
76c253fd2ae0fa78bfdf22f7dbe2ca66

SHA-1:
3d973b32025448f9442d0d453cc1a75c9af45ff2

SHA-256:
18d694447f14d76f190898652fb4c0137d2561d5f39183c73887386c43155aa2

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 2:17:49 AM UTC  (today)

File size:
75.3 MB (78,983,876 bytes)

File type:
Executable application (Win32 EXE)

Installer:
NSIS (Nullsoft Scriptable Install System)

File PE Metadata
Compilation timestamp:
12/5/2009 10:50:35 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
1572864:6izQvSuoXlk0Tys3hwkKlM6ylMIs4KwjXpFX+Fzh5:6+mSJqcXxww7iwj/uB

Entry address:
0x323F

Entry point:
81, EC, 80, 01, 00, 00, 53, 55, 56, 33, DB, 57, 89, 5C, 24, 18, C7, 44, 24, 10, 30, 91, 40, 00, 33, F6, C6, 44, 24, 14, 20, FF, 15, 30, 70, 40, 00, 68, 01, 80, 00, 00, FF, 15, B4, 70, 40, 00, 53, FF, 15, 7C, 72, 40, 00, 6A, 08, A3, 98, 27, 7A, 00, E8, 09, 2C, 00, 00, A3, E4, 26, 7A, 00, 53, 8D, 44, 24, 34, 68, 60, 01, 00, 00, 50, 53, 68, 98, DC, 79, 00, FF, 15, 58, 71, 40, 00, 68, B8, 91, 40, 00, 68, E0, 1E, 7A, 00, E8, BC, 28, 00, 00, FF, 15, B0, 70, 40, 00, BF, 00, 80, 7A, 00, 50, 57, E8, AA, 28, 00, 00...
 
[+]

Entropy:
7.9999

Packer / compiler:
Nullsoft install system v2.x

Code size:
23 KB (23,552 bytes)

The file cheesecubev1-byzk.exe has been seen being distributed by the following 50 URLs.

https://mega.nz/temporary/.../3kZ1ma4R

http://download1747.mediafire.com/ue20v4xm4l5g/.../Cheese Cube v1 - by ZK.exe

http://download728.mediafire.com/2uvfmc42c7mg/.../Cheese Cube v1 - by ZK.exe

http://download2235.mediafire.com/jh2rtv2gqdcg/.../Cheese Cube v1 - by ZK.exe

http://download1005.mediafire.com/k4dbselde6kg/.../Cheese Cube v1 - by ZK.exe

http://download792.mediafire.com/gnjml5s262ig/.../Cheese Cube v1 - by ZK.exe

https://mega.nz/temporary/.../zRkBHaLA

http://download1758.mediafire.com/xlimoc5t4cvg/.../CheeseCubev1-byZK.exe

http://download1747.mediafire.com/8lxrxe4ulxag/.../Cheese Cube v1 - by ZK.exe

http://download1005.mediafire.com/2vl7314987jg/.../Cheese Cube v1 - by ZK.exe

http://download2218.mediafire.com/442ivlz3rzrg/.../Cheese Cube v1 - by ZK.exe

http://download728.mediafire.com/oi2mby8y4yyg/.../Cheese Cube v1 - by ZK.exe

http://download1961.mediafire.com/ibcd2s1g1kog/.../Cheese Cube v1 - by ZK.exe

http://download1758.mediafire.com/0sqecj8dlhtg/.../Cheese Cube v1 - by ZK.exe

http://download2235.mediafire.com/k9ve6c5txdlg/.../Cheese Cube v1 - by ZK.exe

http://download2235.mediafire.com/x66o21pl9peg/.../Cheese Cube v1 - by ZK.exe

http://download1568.mediafire.com/j5c22yuptd0g/.../CheeseCubev1-byZK.exe

http://download1145.mediafire.com/d9i2s3s29k1g/.../Cheese Cube v1 - by ZK.exe

https://mega.co.nz/persistent/.../As4EhZjD

http://download2089.mediafire.com/movesxjw302g/.../Cheese Cube v1 - by ZK.exe

http://download728.mediafire.com/sh4dlus1fvkg/.../Cheese Cube v1 - by ZK.exe

blob:7FE0DA76-76DA-4628-A5A5-DF2A82D73294

http://download2235.mediafire.com/24w49vwnw0rg/.../Cheese Cube v1 - by ZK.exe

http://download1145.mediafire.com/rrtdzb5xqryg/.../Cheese Cube v1 - by ZK.exe

chrome-extension://bigefpfhnfcobdlfbedofhhaibnlghod/persistent/.../8gdBgSTD

http://download2235.mediafire.com/cq5h4t2n19gg/.../Cheese Cube v1 - by ZK.exe

http://download2218.mediafire.com/hsz4uk6zozyg/.../Cheese Cube v1 - by ZK.exe

https://mega.nz/persistent/.../8gdBgSTD

http://download2146.mediafire.com/1120adb0v2wg/.../Cheese Cube v1 - by ZK.exe

http://download1005.mediafire.com/9g5h7d5nwlwg/.../Cheese Cube v1 - by ZK.exe

Latest 30 of 68 download URLs

Scan cheesecubev1-byzk.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.