General

  • Target

    geode-installer-v2.0.0-beta.15-win.exe

  • Size

    27.7MB

  • MD5

    2997d9220e258dbf40a5c99500160834

  • SHA1

    c0881942e181395ec608e4c48c91c9c7fbf562f2

  • SHA256

    25e68fc4be38da3622d5a86e21a46c5270c21b18aab8066ed5c52b2917471820

  • SHA512

    782cab24ced5b81487e99d84e384aaa8546dee684434152cb1ed42b5081596ece73d090c0b0329cc69f2263de55281e5217315101d7bf3acb0205d90802c675a

  • SSDEEP

    786432:WAqFNFeciZcof2fGWd+9QE2PINvyJLM4iBntXB7Ep+zJfKcf2zuP9q:W9FPIffss6duvyJLMTBntXB7E4zH289q

Score
3/10

Malware Config

Signatures

  • Unsigned PE 11 IoCs

    Checks for missing Authenticode signature.

Files

  • geode-installer-v2.0.0-beta.15-win.exe
    .exe windows:4 windows x86 arch:x86

    f4639a0b3116c2cfc71144b88a929cfd



  • $PLUGINSDIR/LangDLL.dll
    .dll windows:4 windows x86 arch:x86

    fe3375e7e4529b73ba45ab2246b9269b



  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    509a34b3a68a773e0afb4259e68f9f82



  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:4 windows x86 arch:x86

    3b477381217c97b22146297f93df2a92



  • Geode.dll
    .dll windows:6 windows x86 arch:x86

    3684be96ff5028a8f775f2faf3cb42c9



  • Geode.pdb
  • GeodeUninstaller.exe
    .exe windows:4 windows x86 arch:x86

    f4639a0b3116c2cfc71144b88a929cfd



  • $PLUGINSDIR/LangDLL.dll
    .dll windows:4 windows x86 arch:x86

    fe3375e7e4529b73ba45ab2246b9269b



  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    509a34b3a68a773e0afb4259e68f9f82



  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:4 windows x86 arch:x86

    3b477381217c97b22146297f93df2a92



  • GeodeUpdater.exe
    .exe windows:6 windows x86 arch:x86

    2c1e1ebb7ff4bb986ead25a8cc2a481f



  • VC_redist.x86.exe
    .exe windows:5 windows x86 arch:x86

    1a5cdbf711fee14b077e599d13fddab2


    Code Sign


  • XInput9_1_0.dll
    .dll windows:6 windows x86 arch:x86

    64ea3a3b789d33f21a4c4a9ee2330491



  • geode/resources/geode.loader/APISheet-hd.plist
    .xml
  • geode/resources/geode.loader/APISheet-hd.png
    .png
  • geode/resources/geode.loader/APISheet-uhd.plist
    .xml
  • geode/resources/geode.loader/APISheet-uhd.png
    .png
  • geode/resources/geode.loader/APISheet.plist
    .xml
  • geode/resources/geode.loader/APISheet.png
    .png
  • geode/resources/geode.loader/BlankSheet-hd.plist
    .xml
  • geode/resources/geode.loader/BlankSheet-hd.png
    .png
  • geode/resources/geode.loader/BlankSheet-uhd.plist
    .xml
  • geode/resources/geode.loader/BlankSheet-uhd.png
    .png
  • geode/resources/geode.loader/BlankSheet.plist
    .xml
  • geode/resources/geode.loader/BlankSheet.png
    .png
  • geode/resources/geode.loader/GE_button_01-hd.png
    .png
  • geode/resources/geode.loader/GE_button_01-uhd.png
    .png
  • geode/resources/geode.loader/GE_button_01.png
    .png
  • geode/resources/geode.loader/GE_button_02-hd.png
    .png
  • geode/resources/geode.loader/GE_button_02-uhd.png
    .png
  • geode/resources/geode.loader/GE_button_02.png
    .png
  • geode/resources/geode.loader/GE_button_03-hd.png
    .png
  • geode/resources/geode.loader/GE_button_03-uhd.png
    .png
  • geode/resources/geode.loader/GE_button_03.png
    .png
  • geode/resources/geode.loader/GE_button_04-hd.png
    .png
  • geode/resources/geode.loader/GE_button_04-uhd.png
    .png
  • geode/resources/geode.loader/GE_button_04.png
    .png
  • geode/resources/geode.loader/LogoSheet-hd.plist
    .xml
  • geode/resources/geode.loader/LogoSheet-hd.png
    .png
  • geode/resources/geode.loader/LogoSheet-uhd.plist
    .xml
  • geode/resources/geode.loader/LogoSheet-uhd.png
    .png
  • geode/resources/geode.loader/LogoSheet.plist
    .xml
  • geode/resources/geode.loader/LogoSheet.png
    .png
  • geode/resources/geode.loader/about.md
  • geode/resources/geode.loader/black-square-hd.png
    .png
  • geode/resources/geode.loader/black-square-uhd.png
    .png
  • geode/resources/geode.loader/black-square.png
    .png
  • geode/resources/geode.loader/byeNotif00.ogg
  • geode/resources/geode.loader/changelog.md
  • geode/resources/geode.loader/mdFont-hd.fnt
  • geode/resources/geode.loader/mdFont-hd.png
    .png
  • geode/resources/geode.loader/mdFont-uhd.fnt
  • geode/resources/geode.loader/mdFont-uhd.png
    .png
  • geode/resources/geode.loader/mdFont.fnt
  • geode/resources/geode.loader/mdFont.png
    .png
  • geode/resources/geode.loader/mdFontB-hd.fnt
  • geode/resources/geode.loader/mdFontB-hd.png
    .png
  • geode/resources/geode.loader/mdFontB-uhd.fnt
  • geode/resources/geode.loader/mdFontB-uhd.png
    .png
  • geode/resources/geode.loader/mdFontB.fnt
  • geode/resources/geode.loader/mdFontB.png
    .png
  • geode/resources/geode.loader/mdFontBI-hd.fnt
  • geode/resources/geode.loader/mdFontBI-hd.png
    .png
  • geode/resources/geode.loader/mdFontBI-uhd.fnt
  • geode/resources/geode.loader/mdFontBI-uhd.png
    .png
  • geode/resources/geode.loader/mdFontBI.fnt
  • geode/resources/geode.loader/mdFontBI.png
    .png
  • geode/resources/geode.loader/mdFontI-hd.fnt
  • geode/resources/geode.loader/mdFontI-hd.png
    .png
  • geode/resources/geode.loader/mdFontI-uhd.fnt
  • geode/resources/geode.loader/mdFontI-uhd.png
    .png
  • geode/resources/geode.loader/mdFontI.fnt
  • geode/resources/geode.loader/mdFontI.png
    .png
  • geode/resources/geode.loader/mdFontMono-hd.fnt
  • geode/resources/geode.loader/mdFontMono-hd.png
    .png
  • geode/resources/geode.loader/mdFontMono-uhd.fnt
  • geode/resources/geode.loader/mdFontMono-uhd.png
    .png
  • geode/resources/geode.loader/mdFontMono.fnt
  • geode/resources/geode.loader/mdFontMono.png
    .png
  • geode/resources/geode.loader/mod.json
  • geode/resources/geode.loader/newNotif00.ogg
  • geode/resources/geode.loader/newNotif01.ogg
  • geode/resources/geode.loader/newNotif02.ogg
  • geode/resources/geode.loader/newNotif03.ogg
  • geode/resources/geode.loader/scrollbar-hd.png
    .png
  • geode/resources/geode.loader/scrollbar-uhd.png
    .png
  • geode/resources/geode.loader/scrollbar.png
    .png
  • geode/resources/geode.loader/support.md
  • geode/resources/geode.loader/tab-gradient-hd.png
    .png
  • geode/resources/geode.loader/tab-gradient-mask-hd.png
    .png
  • geode/resources/geode.loader/tab-gradient-mask-uhd.png
    .png
  • geode/resources/geode.loader/tab-gradient-mask.png
    .png
  • geode/resources/geode.loader/tab-gradient-uhd.png
    .png
  • geode/resources/geode.loader/tab-gradient.png
    .png
  • geode/resources/geode.loader/version