SpyNote X By Hiddn_Blaze[.]exe | Triage

Sharing

General

Target

SpyNote X By Hiddn_Blaze.exe
Size

2.7MB
MD5

cfdf9efcc5ca387d7f6bf9b00c4f1f93
SHA1

c344607008841f5fe16584bc96e3d00d2d038a34
SHA256

efa68ac6fc2a833823cf938970b8c9713f496c739f2fa4f29bc1d4930989900f
SHA512

e709668da12a706ea3adf59251db7b10c6a0db4f8749eb2a5c9bef3b85f2ca8881ec2aa83ce358c6f429a773ffa3f091856edb3de944cbc2753f8e33f40ee501
SSDEEP

49152:KZ4WmM8sKLVkb9oZw8QSMDtMAKsLaWevCtrQdVGQepcs41qSDso6RN:Km3zAoZw8QSmM7sLaWwYlAI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SpyNote X By Hiddn_Blaze.exe

Files

SpyNote X By Hiddn_Blaze.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ