netspy32[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

netspy32.exe
Size

6.7MB
MD5

f280e2f5afbdc01bd3c0dbdd890307c3
SHA1

3e40b13f9993044b5512e6ec363a3699d9f01bf9
SHA256

e4084157f95fba3f70d44fd5ecb05999033c2bcf0137c894ace6084f719d038c
SHA512

52808c45f3fc05e5e13d24702d6ccbd43ad761aeac648bf4d6f381bfb9b73be694054c660ed986d122095a4adb1564571adaf6444d450ed588f3fb7d5c785981
SSDEEP

98304:pwUwzOZcMW1PrjpNzx54ZMsPpiJM88cyZQ2:Dw+W3NdcMyp4W7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
netspy32.exe

Files

netspy32.exe
.exe windows:6 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 512B - Virtual size: 295B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 414KB - Virtual size: 413KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/32
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/46
Size: 512B - Virtual size: 42B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/65
Size: 752KB - Virtual size: 751KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/78
Size: 431KB - Virtual size: 431KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/90
Size: 157KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 988B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.symtab
Size: 390KB - Virtual size: 390KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 2.1MB - Virtual size: 2.1MB

.rdata Size: 2.2MB - Virtual size: 2.2MB

.data Size: 108KB - Virtual size: 276KB

/4 Size: 512B - Virtual size: 295B

/19 Size: 414KB - Virtual size: 413KB

/32 Size: 80KB - Virtual size: 79KB

/46 Size: 512B - Virtual size: 42B

/65 Size: 752KB - Virtual size: 751KB

/78 Size: 431KB - Virtual size: 431KB

/90 Size: 157KB - Virtual size: 157KB

.idata Size: 1024B - Virtual size: 988B

.reloc Size: 113KB - Virtual size: 112KB

.symtab Size: 390KB - Virtual size: 390KB

.text
Size: 2.1MB - Virtual size: 2.1MB

.rdata
Size: 2.2MB - Virtual size: 2.2MB

.data
Size: 108KB - Virtual size: 276KB

/4
Size: 512B - Virtual size: 295B

/19
Size: 414KB - Virtual size: 413KB

/32
Size: 80KB - Virtual size: 79KB

/46
Size: 512B - Virtual size: 42B

/65
Size: 752KB - Virtual size: 751KB

/78
Size: 431KB - Virtual size: 431KB

/90
Size: 157KB - Virtual size: 157KB

.idata
Size: 1024B - Virtual size: 988B

.reloc
Size: 113KB - Virtual size: 112KB

.symtab
Size: 390KB - Virtual size: 390KB