Static task
static1
Behavioral task
behavioral1
Sample
spoofer.exe
Resource
win11-20231215-en
General
-
Target
spoofer.exe
-
Size
698KB
-
MD5
bd6041cf8bf06e087c221a86e4061ae4
-
SHA1
a51b8256e847b149e069476b0ec205681b6dd4f0
-
SHA256
b127a5991e49bde805f6c84c5ca63edd9b750a3e0f20e96883448dae093fa84f
-
SHA512
5bdcd1e6f08d12bc33085fbfad8f48bca6eb1f7d52a59ce6337bdac1ef341e748e2993c91ef98195e1df7c8a6e528428f23c921ecb9a93613f438b0591dd695a
-
SSDEEP
12288:cx1PoPgthC7FJTkd1dYpcKAF5NhMCkLU+uxwMe/A4mRgndlKz1MGqEZ:cxjhC7mdhFzhMxZuxK/ARRgd/G
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource spoofer.exe
Files
-
spoofer.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 695KB - Virtual size: 694KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ