Ladon911[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

Ladon911.exe
Size

2.9MB
MD5

5d93629fbc80fed017e1657392a28df4
SHA1

da4de87f5714472f76536f55efa1eb2a5c503fe4
SHA256

b8031c1d4eed0b8c35a48b835a056983f95025af7c80a79e7009c1e26bbd1304
SHA512

ee54d97f46563878212315939832d3622b90920f2830536a4402fc5f926073362e3670f7bf96c0ddede55b256f14b1ddca19900c10fbd09b8e9fc6b28d5e5d86
SSDEEP

49152:JMIwS/1/+sxBWgXXkL8jvFTrz0rY7WB6aV7yA7gKEjSQAWdpA/Pt2Qh/VLWWmiNd:JMIwS9cgX5jvGM7WB6aMA7gKEmIA/E2F

Score

1^/10

Malware Config

Signatures

Files

Ladon911.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

33:00:00:03:3b:65:5f:ae:fa:db:75:e9:d6:00:00:00:00:03:3b
Certificate

Issuer

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/09/2021, 18:23

Not After

01/09/2022, 18:23

Subject

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:07:76:56:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2011, 18:41

Not After

19/10/2026, 18:51

Subject

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:c9:0a:24:62:3a:61:84:2c:74:74:cb:36:09:ae:6f:a0:d2:bd:5e:86:c8:98:20:66:ae:b8:93:65:44:91:ab
Signer

Actual PE Digest

08:c9:0a:24:62:3a:61:84:2c:74:74:cb:36:09:ae:6f:a0:d2:bd:5e:86:c8:98:20:66:ae:b8:93:65:44:91:ab

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Administrator\Desktop\K8Ladon\XorEtw\ConsoleApp1\ConsoleApp1\obj\Release\ConsoleApp1.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

33:00:00:03:3b:65:5f:ae:fa:db:75:e9:d6:00:00:00:00:03:3bCertificate

Extended Key Usages

61:07:76:56:00:00:00:00:00:08Certificate

Key Usages

08:c9:0a:24:62:3a:61:84:2c:74:74:cb:36:09:ae:6f:a0:d2:bd:5e:86:c8:98:20:66:ae:b8:93:65:44:91:abSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 2.7MB - Virtual size: 2.7MB

.rsrc Size: 180KB - Virtual size: 180KB

.reloc Size: 512B - Virtual size: 12B

33:00:00:03:3b:65:5f:ae:fa:db:75:e9:d6:00:00:00:00:03:3b
Certificate

61:07:76:56:00:00:00:00:00:08
Certificate

08:c9:0a:24:62:3a:61:84:2c:74:74:cb:36:09:ae:6f:a0:d2:bd:5e:86:c8:98:20:66:ae:b8:93:65:44:91:ab
Signer

.text
Size: 2.7MB - Virtual size: 2.7MB

.rsrc
Size: 180KB - Virtual size: 180KB

.reloc
Size: 512B - Virtual size: 12B