General

  • Target

    VALO_SPOOF.rar

  • Size

    462KB

  • MD5

    dcad9d9fcda45f01ab55d15f7a48a263

  • SHA1

    ef98cb4be6c346f47d16847cd92e614733228e88

  • SHA256

    36f942ea3eff9814b462764ec63e0f65f05bdf5ae3cfe1bc4d314a070f8b9075

  • SHA512

    0c751947369c3c5361a19a6152f75caa705584b7c2057f3e86a8eccc05356feefdd03119354dabbe0e084cb5474b3657cd6e2e63159dd308d0c2bac088818ecc

  • SSDEEP

    12288:SuyeK3dRCvpR2/TgJRNWsuvB+0U12DBYaIyW1g3P:SuypPAyUJDWd+51spW23P

Score
3/10

Malware Config

Signatures

  • Unsigned PE (3 IoCs)

    Checks for missing Authenticode signature.

Files

  • VALO_SPOOF.rar
    .rar
  • VALO SPOOF/AMIDEWINx64.EXE
    .exe windows:5 windows x64 arch:x64

    5d7543265f1d05f9bd6a417f4988fb48



  • VALO SPOOF/AmiSpoof.bat
  • VALO SPOOF/HardDisk.exe
    .exe windows:5 windows x86 arch:x86

    6b71a51c953ff20af290e7286a7dad23



  • VALO SPOOF/MAC_Address_Changer.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • VALO SPOOF/SerialsChecker.bat
  • VALO SPOOF/amifldrv64.sys
    .sys windows:6 windows x64 arch:x64

    4fbdc03e4487f98fb59360ea5b3e640d


    Code Sign


  • VALO SPOOF/amigendrv64.sys
    .sys windows:10 windows x64 arch:x64

    f9141c3df8f7ec7b3f2d46265a3b5528


    Code Sign
