GDSaveEditor[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

GDSaveEditor.exe
Size

114KB
MD5

540fd3f364c91dd0137a02e08b50fa05
SHA1

b1aeae42e2cf4609d09c00726d3f7701ddaf6b7d
SHA256

06ce30582e323f131a41f3da460ae1254355606640ede1c5db256bae6d6a1573
SHA512

45311b177f82e45c221c49c1efb5b2b87d63a052b79bc817e10e1fc08d0c754995d105676cdd5f4645b0a433115665924871b2e248996f3f7bfdf9689cd0d948
SSDEEP

1536:SunlQ6HVENmdiVc9pSmMP6H4zmviNKTuee4u9pYLiuVwVhykGj1Msn0fw6uuTnPg:S2lQ1mppSRyuTDa1Ibg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
GDSaveEditor.exe

Files

GDSaveEditor.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ