XoR Spoofer[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

XoR Spoofer.exe
Size

74KB
MD5

f154e91deaa8d0e5a06b5953bb1d4809
SHA1

9ffda1c710a39e0161a48d4a9387aa94a3e00c62
SHA256

396d31dcca6d4123aa7169f1d323002e41a798b2e035618479013ea1e0389e39
SHA512

24bfce8a17e6023ae7d844e4b4f6150d42461a34b2f2edecd1861f0a9bfec8731f136a4b0c3df03762c5d5874b4eb14d72046130617be5651089994f56bab37a
SSDEEP

384:SCe9zvPOLeNcPcdkVQeJcPc1Xvx05r4NVX+oH38/1qmrc42mMPR45YHU/0/8Ipz1:SCe9zvGLeNcPcdkVQeJcPctvxL

Score

1^/10

Malware Config

Signatures

Files

XoR Spoofer.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ