Exp-Spoofer[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Exp-Spoofer.exe
Size

907KB
MD5

e805a2ba1b9c182d2d812c2b53dfc008
SHA1

7656f7fe2c38f5760ba8f4f4b9a50f3dc3358b04
SHA256

4a38297819be1ea3ccad478115d7a94a8a7990d6fdf403012d0069bb20d29794
SHA512

3cdd2a9249588402f5da03ded8357aa84e79be8dadc6d269f80222cbf4b498df9ec80e11aab09be02078eac024c873df7690847ce60ac174897c02d1cb8d9aa8
SSDEEP

24576:IYyYAn8MVY2Dq+0T3LMafdyFhiKFA1Kvf5FL:IPM2Dq9LYaf0+if5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Exp-Spoofer.exe

Files

Exp-Spoofer.exe
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

_0
Size: 876KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_1
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_2
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_3
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_4
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ