Badwarepermtool[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Badwarepermtool.exe
Size

57.0MB
MD5

d695052798c4d709944cf26b56142532
SHA1

ebf7cc64f98bb91cad375f45ec824d7ad28f37e3
SHA256

ef5e641e6e3071a980b51fcf404c85ce7799f47e9efabf5041592759e103d60e
SHA512

c916cb318e98b9ef7ca9e92d2b07f039ca02515e17049d9bbcafe3cef0688d22c12d9dfe0ca3eab3cd7846c29b0f24213ad0c3b09cdb698bcc2372dcb3880464
SSDEEP

786432:WJu5HuTJPUkJa7gEWa94jDmMKh1YCxjDb:WJu5HIJP1Ja7gEzsDmXFpb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Badwarepermtool.exe

Files

Badwarepermtool.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 57.0MB - Virtual size: 57.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ