FUD exe Risk Downloader File Malware Analysis: ae2a5c4b2f8e6980366bcceac1c3f853

FUD.exe Risk Downloader Analysis

Updated 27 days ago

Checked by Malaware Check

FUD.exe

Hash Type	Value	Action
MD5	ae2a5c4b2f8e6980366bcceac1c3f853
SHA1	f80e53c507383be9600d956e5f8e0640bb5dd750
SHA256	9f2e7e1947483ac1f735d69f09cf2878c9d628a032c49d80f290d50399fc0190
SHA512	b6a605ea04397b9e91847cc70e83a21fe12a88635f721ed1ae7b6252ccc90f43b6e45621b066485cdbf22774bcaec074ae93c011522bda1c08ca7bf2af5ebcf5
ImpHash	f34d5f2d4577ed6d9ceec516c1f5a744

Hash Type

Value

Action

MD5

ae2a5c4b2f8e6980366bcceac1c3f853

SHA1

f80e53c507383be9600d956e5f8e0640bb5dd750

SHA256

9f2e7e1947483ac1f735d69f09cf2878c9d628a032c49d80f290d50399fc0190

SHA512

b6a605ea04397b9e91847cc70e83a21fe12a88635f721ed1ae7b6252ccc90f43b6e45621b066485cdbf22774bcaec074ae93c011522bda1c08ca7bf2af5ebcf5

ImpHash

f34d5f2d4577ed6d9ceec516c1f5a744

PE Analysis

Basic Information

▼

Image Base	`0x00400000`
Entry Point	`0x0041373e`
Compilation Time	2025-05-10 16:34:55
Checksum	0x00000000 (Actual: 0x000191a2)
OS Version	4.0
PEiD Signatures	`PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows`
Digital Signature	No valid SignedData structure was found.
Imports	1 libraries mscoree
Exports	0 functions
Resources	2 Resources
Sections	3 Sections

Version Information

▼

Translation	0x0000 0x04b0
FileDescription
FileVersion	1.0.0.0
InternalName	XClient.exe
LegalCopyright
OriginalFilename	XClient.exe
ProductVersion	1.0.0.0
Assembly Version	1.0.0.0

PE Sections

▼

Name	Virtual Address	Virtual Size	Raw Size	Entropy	Characteristics	MD5
`.text`	`0x00002000`	71,492 bytes	71,680 bytes	6.01 (Normal)	`IMAGE_SCN_CNT_CODE\|IMAGE_SCN_MEM_EXECUTE\|IMAGE_SCN_MEM_READ`	`B2A952BF8548D1CD20667AA58163FD5E`
`.rsrc`	`0x00014000`	1,230 bytes	1,536 bytes	3.73 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_READ`	`F9052177C59FAD11B6E11866B69A673F`
`.reloc`	`0x00016000`	12 bytes	512 bytes	0.10 (Normal)	`IMAGE_SCN_CNT_INITIALIZED_DATA\|IMAGE_SCN_MEM_DISCARDABLE\|IMAGE_SCN_MEM_READ`	`7A0B00F300A034B901A22CF90D9CE24B`

Resource Analysis

▼

Total Resources: 2 (1,070 bytes)

Resource Type	Count	Total Size	Percentage
RT_VERSION	1	580 bytes	54.2%
RT_MANIFEST	1	490 bytes	45.8%

Certificate Chain Analysis

▼

No Digital Signatures

This file is not digitally signed.

Security Implications:

Cannot verify the publisher's identity
Increased security risk when running this file
May trigger security warnings on some systems

⚠ This file either lacks a digital signature or the certificate chain could not be verified
Exercise caution when executing unsigned files from unknown sources

Certificate Verification Status

No valid SignedData structure was found.

Recommendation: Verify the file source and ensure it comes from a trusted publisher.

Removal Instructions

Follow these steps to completely remove the threat from your system

Start by downloading Gridinsoft Anti-Malware to your computer.
Double-click on the gsam-en-install.exe file and follow the on-screen instructions to install the program.
Once the installation of Gridinsoft Anti-Malware is complete, the program will open on the Scan screen.
Click on the "Standard Scan" button to begin scanning your computer for threats.
After the scanning process is finished, click on "Clean Now" to remove any detected threats.
If prompted, restart your system to complete the removal process and ensure all threats are eliminated.

Important: Before You Start

Disconnect from the internet to prevent the malware from spreading or downloading additional threats. Run the scan in Safe Mode for better detection and removal of persistent threats.

File Name	FUD.exe
File Type	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
Scanner Version	1.0.216.174
Database Version	2025-05-10 19:00:20 UTC

FUD.exe Risk Downloader Analysis

Technical Analysis

Risk.Win32.Downloader.dd!n

Scan Another File

File Identification