HWID Spoofer and Cheat[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

HWID Spoofer and Cheat.exe
Size

596KB
MD5

1b4fbfe581d79b7a15ce965191f2cb54
SHA1

b23da585fbc549a75413335b4aed929a21a797f7
SHA256

a7106f8833035e45956b02d9150f380088ba3d122baf6c22fb119b4e172bdb7f
SHA512

6e7274a0dfbdcdba9e7afe4fa5df24ad71876628725021215879690d7a6efb8e12b9b73670e556352db8f0864c00ba4d918a39f26367abe3bd5a494b904ae64a
SSDEEP

6144:WgUcVgUc0c0mwXSIUIZ63C3FHz3r3uTVFY+DgL6cMUHSgUqj6AGxp5camOKkmsge:W4V4J0mwCIUl3OFHvuwbPHH6Wfkms4nA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
HWID Spoofer and Cheat.exe

Files

HWID Spoofer and Cheat.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 522KB - Virtual size: 522KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.dark
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ