home

getdrms.exe

MD5:
4fc257fcc750b4e6add497617ed3d60f

SHA-1:
9d5655d84c100aca6d114388701d3f98c18d89ec

SHA-256:
ef06c7432693c58fc6ac0d3a9e8c9d27488d36f83a9abde833f50c81dabc7e34

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/8/2024 11:35:53 AM UTC  (today)

File size:
521 KB (533,504 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\getdrms.exe

File PE Metadata
Compilation timestamp:
6/19/1992 5:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:MXT0isufNMa+7wT2nU00LFkWqyiYJmvj:MDMud+74O0LFkWmKmvj

Entry address:
0x751F4

Entry point:
55, 8B, EC, 83, C4, F0, B8, B4, 3C, 47, 00, E8, B8, C0, F8, FF, E8, D3, E7, FF, FF, A1, F4, 9B, 47, 00, 8B, 00, E8, 6B, C2, F8, FF, 8B, 0D, 1C, 7B, 47, 00, A1, F4, 9B, 47, 00, 8B, 00, 8B, 15, 7C, E3, 46, 00, E8, 5B, C2, F8, FF, A1, F4, 9B, 47, 00, 8B, 00, E8, 57, C2, F8, FF, E8, D2, E9, FF, FF, E8, 35, BF, F8, FF, 90, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.4427

Developed / compiled with:
Microsoft Visual C++

Code size:
461.5 KB (472,576 bytes)

The file getdrms.exe has been seen being distributed by the following 2 URLs.

https://wetransfer-us1.s3.amazonaws.com/1fb71df719ef61bb7d9dd039c451a30420131022112355?response-content-disposition=attachment; foo=bar; filename="GetDRMS.exe"; filename*=UTF-8''GetDRMS.exe&AWSAccessKeyId=AKIAIQ6E6WYDY7EA2ZIQ&Expires=1382999857&Signature=GMe6eQh/P5V6hbLmc4O/.../Aw=

https://download-ch9l2pyvuy9plu9pz6kuwqk1s.wetransfer.com/.../

Scan getdrms.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.