amadey | todesk[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

todesk.exe
Size

53.5MB
MD5

f1fd2dd5c0d3143fefd29bff524431e8
SHA1

a87296cc2ded0755fff44a5ede53189e2b60d1ca
SHA256

45d4cd7c190aea08a6a539bb7f56ffcc82c61f87e17e74aa763535f0ca149871
SHA512

6191e8e39691f46d63d32ec378faf20da2a6d55c4dfd6e48ee46b0c13e63a21b4f2240d9ca0fc4f1067d891d888d2868a4e67d611b7a68fef47d0d2c281fd881
SSDEEP

1572864:LewG2m0gVCAP03mrcoDN6tXdyRLjqNbBDrta60HYUpO0QluKEMOZm0nF:MjqNbBDrta6mYUpO0KuK1O/F

Score

10^/10

amadey

Malware Config

Signatures

Amadey family
amadey

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
todesk.exe

Files

todesk.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 519KB - Virtual size: 519KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.enigma1
Size: 52.5MB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.enigma2
Size: 284KB - Virtual size: 284KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

.text Size: 124KB - Virtual size: 124KB

.data Size: 2KB - Virtual size: 1KB

.rdata Size: 519KB - Virtual size: 519KB

.eh_fram Size: 24KB - Virtual size: 24KB

.bss Size: - Virtual size: 3KB

.idata Size: 16KB - Virtual size: 16KB

.CRT Size: 512B - Virtual size: 52B

.tls Size: 512B - Virtual size: 8B

.rsrc Size: 72KB - Virtual size: 72KB

.enigma1 Size: 52.5MB - Virtual size: 4KB

.enigma2 Size: 284KB - Virtual size: 284KB

.text
Size: 124KB - Virtual size: 124KB

.data
Size: 2KB - Virtual size: 1KB

.rdata
Size: 519KB - Virtual size: 519KB

.eh_fram
Size: 24KB - Virtual size: 24KB

.bss
Size: - Virtual size: 3KB

.idata
Size: 16KB - Virtual size: 16KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 8B

.rsrc
Size: 72KB - Virtual size: 72KB

.enigma1
Size: 52.5MB - Virtual size: 4KB

.enigma2
Size: 284KB - Virtual size: 284KB