XD[.]exe | Triage

Resubmissions

01-07-2023 19:08

230701-xteenshd24 10

01-07-2023 19:04

230701-xra98shc96 10

Sharing

General

Target

XD.exe
Size

1.3MB
MD5

de88420914cbcf761884bd1200161f31
SHA1

8bb65894f0e5aac2e488ae32fe0cb6ef842a8536
SHA256

db1568502ee09a65ba3b07b3aab4bcf62dbc6fdd51e196fb3a3048aab4a0e3c9
SHA512

c9d44fc8e8cacd756c251f40d8a7092a37dcccd3d8d5b9060de2a4931bed91a01f88eb13d4f7b7ab2df28753f603057398877cc05bbb1fbd3aa2d1d93803541d
SSDEEP

24576:Kx13NKqahG5xQrr2cIb93ckRhx73NKqahG5xQrr2h85a2Qj8Nl/M1Meso:aNKqaY5urr2cINckRLNKqaY5urr2yK8t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
XD.exe

Files

XD.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ