GShade[.]Latest[.]Installer[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

GShade.Latest.Installer.exe
Size

87.6MB
MD5

992300a181b14b237a553e63bdb8b16d
SHA1

5884b8af149391d0365a7b35fa6177fe1df6e600
SHA256

5cf38376cf9e5c5b415efd05f83f51d7502283ec5131303a1b4c67ac4d1c162b
SHA512

801df6a1a1092ab121333f4d03db20a60fd2490d82778332a76a11dbc3c9f421775ce830a9fa438622bc32bff789d22a12aae4757b65ac988e173cae77ec6e89
SSDEEP

1572864:YXiRI1hz1ipNUgV72fEeAyeADRvjf6ZPreVt/prMUFsmwez8gq08eHxz3EAC:2L1hzyNUgV72fAyFpjf6xrAt2UFsLi8j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
GShade.Latest.Installer.exe

Files

GShade.Latest.Installer.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

E:\GitHub\GShade-Utilities\GShade-Installer\GShade-Installer\obj\x64\Release (Website)\GShade Installer.pdb

Sections

.text
Size: 87.6MB - Virtual size: 87.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ