Grape Soda Buddy[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Grape Soda Buddy.exe
Size

12KB
MD5

bc99cb3a376c850e948f3f3461ef9342
SHA1

a26d90e1a4f92c107da1a589135a82f9579ea14b
SHA256

2227d3ee00f339d285ce49b70efd3e2a89b0312f14782471739e403adec1f40d
SHA512

60afe21ec6d50d84dbdd80d403cd7ff1fd1f3dc4368dbcd1820f24822de222f5b2af47886fbb72b6b8d0f4a9256fc0b892fc15c7960164b5523cff1fd71ec05f
SSDEEP

192:BLcNdaLixaepSnm/VunlYJLLLTuVDk9qMo+MwRwXRpG8M:BLudaLiquhPLTu9TMJMwRiHG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Grape Soda Buddy.exe

Files

Grape Soda Buddy.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ