spoofer-obf[.]exe | Triage

Submit
Reports

Overview

overview

1

Static

static

1

spoofer-obf.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

spoofer-obf.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

spoofer-obf.exe
Size

202KB
MD5

02584b3760ca60e077fdaddfa18f273f
SHA1

0244b55472a4b224210c4fc527b7757a82aeecc7
SHA256

8a740080604912ea1e66f2c27620dc75aa952c11df7b0a3004002cc41a229eba
SHA512

88ba2ca0a9680f45c765a75dc4019124f1603954fc49ffc261d48c1062700ea3bf8aa9c0ac48214f3be45bd52c1fc8a488ebf8ed6f1b7c9f3422e4f2d4b90819
SSDEEP

6144:FVMzLMX3iR2qw0K1mnLcEsags3em5V0V3BXte3:TiMX3iI8AtKN5WVxde3

Score

1^/10

Malware Config

Signatures

Files

spoofer-obf.exe
.exe windows x64

a4f1cfed8726e967680884635b914e1e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

GetDC

comctl32

ord380

advapi32

OpenProcessToken

gdi32

SelectObject

Sections

.MPRESS1
Size: 137KB - Virtual size: 392KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.foo
Size: 512B - Virtual size: 22B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy