Exodus_Spoofer[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Exodus_Spoofer.exe
Size

73KB
MD5

bcf1368ad20c734776839981dd276eb9
SHA1

f86710751cab9a9a3ae56e69ee1f0ff34329146d
SHA256

ad6647adc80bd0aa60ca44c1f345dafb29eb2113e0bb0a80127cd1e3f094c5eb
SHA512

32e9ef00b833b2537dc8f6e35f4cbbdc5dac7a230c0eccb46f4dc30849558ca00ccad66d1f33d55b584814e9260b4cdce17c0232133c915106cafc9c16898866
SSDEEP

1536:RGM4/DrdkcmXUV78Ufl8lavPn+lxbzpey4U:RGM4/DHVv4uPncxHvz

Score

1^/10

Malware Config

Signatures

Files

Exodus_Spoofer.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ