S2HD[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

S2HD.exe
Size

383KB
MD5

4a7db5ac86fa5d459ebb326972b1de41
SHA1

34f8191a0dd1f2e76d870a9a20dca8e5779421b6
SHA256

5e4c3fb3c8b4e0e0fcbf17ad3dec0d9fabfc09e8c4f96a3a8be5b8568bb54ff7
SHA512

f6038518763653c27beb260a84fd5cd78ec80ff0335c6a2032280bc61a88029fea5ebf96f3853213b85dd8b1e07d7a5a397c0363ef9e3bc80e25483dd59d2275
SSDEEP

6144:S09RFHQ2JpbY++flagHzRHpN8B8B+9+BIWe78zYg13DtbI2Z/uHYogOLBoOGRVUp:B9RFHlHbY++f5T/+jW9zYu50lqRWBksB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
S2HD.exe

Files

S2HD.exe
.exe windows:4 windows x86 arch:x86

Password: 1504241

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Program Files (x86)\Jenkins\workspace\S2HD production build\s2hd\src\S2HD\obj\Release\S2HD.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 325KB - Virtual size: 325KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ