redoPad (1)[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

redoPad (1).exe
Size

81KB
MD5

e1d0bb4ff164cb8b72fef63f4b392faa
SHA1

2e4e1ce6dfc607ff3b1af74017dedfcae54b2751
SHA256

acd1a90c176973503bd2a71ae5361a9912abdefe63c89e76b08f8fcad0bde52f
SHA512

26e5c5d793f8306b065830d123946a32759492364f5044fdc88380644357249dfdb8d4210e093eef8b970023569faf78bf11b2fbde028ffd4d8ace5b5600d53a
SSDEEP

1536:Ng3QAG/lC9kX0/Za6C66nievrSBso4qUT2YSgdI:Ng3QAG/lC80/Zav66TvuKRBaYXq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
redoPad (1).exe

Files

redoPad (1).exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ