lada[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

lada.exe
Size

2.2MB
MD5

b958b6c00b2cee43a7d3e13f7c10da2e
SHA1

dc4d8415605bd953b5360f07a33002488e185de9
SHA256

eaa7ec0e187ebffc9db3b213c77a83174751b85c665dc4368f5b1a76a5eb048b
SHA512

a01bdde100a7c13da79f1cd82c83d80c2c96f91b4ff972f4e59b776936720e047efef58e3e50fcb05311ba7cc5abc69e5053b3aa6f73a3b4df3038fd6b5c4f58
SSDEEP

49152:ePWQy2C+Hx4j4u6WOsRNqbRyIt5Fcbe6PmYuT9lL6SUKBXFGyW:e7HCgW4r0N+XIe6PmYa9RnZFG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
lada.exe

Files

lada.exe
.exe windows:6 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 568KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tsfteqni
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

prhnvpac
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE