1ee96283672b7bfc133ccf7f037b169c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1ee96283672b7bfc133ccf7f037b169c
Size

25KB
MD5

1ee96283672b7bfc133ccf7f037b169c
SHA1

a9850a832a1b565b38a8ad52dbd7901d9c860918
SHA256

85bdd1f07f2ad093ca6f2d51d289fbb5d912c199a4d830314571f23051a130fa
SHA512

4d505d50b01c69ba6f75f9e66a866657fae3f16adbad853c3fd771690b898ce622605533e45aafbd4c5a1fea755de4f369c2085d1c02609e8492140a65c59f7b
SSDEEP

768:ezN5bPIb8sUI4DwcnXAc4J73m4JEBAtB4cTWUOno:ezbzIb/yDucW3p7XMBo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/dnsspoof/dnsspoof.exe

Files

1ee96283672b7bfc133ccf7f037b169c
.zip
dnsspoof/FILES
dnsspoof/README
dnsspoof/dnsspoof
.elf linux x86
dnsspoof/dnsspoof-linux.c
dnsspoof/dnsspoof-win.c
dnsspoof/dnsspoof.exe
.exe windows:1 windows x86 arch:x86

ab4cec84d322a8d834c3238a7935051e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind

user32

MessageBoxA

crtdll

_iob
__GetMainArgs
_snprintf
_strdup
abort
atoi
exit
fclose
fgets
fopen
fprintf
free
malloc
memset
printf
raise
signal
sprintf
strlen
strncpy
strtoul

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 8B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 88B - Virtual size: 88B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 936B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 776B - Virtual size: 776B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
dnsspoof/ipgenv2/README
dnsspoof/ipgenv2/ipgenv2.pl
.pl .sh linux
dnsspoof/makefile
dnsspoof/makefile-linux