Resubmissions

17/02/2024, 23:17

240217-297hlsbf4v 8

17/02/2024, 23:15

240217-28q48sbf3y 5

General

  • Target

    kernelmode.zip

  • Size

    944KB

  • MD5

    51bc10ff032d1f941277e011eb256081

  • SHA1

    7e0f72e847efdbde3a46ba9739de943f8efa1f23

  • SHA256

    f526bc5ca761a868e9211fd015102c9baaff76bd92cfd439b3a06efe4b68787d

  • SHA512

    cf246494a5e06b3b42dfb2732759f405dcb55c493516a341c2cf7670d939fa8987142e73b9335fa7ed2d094c0b2029dfc491b269a2f6db52ac05b6241a9e5a2b

  • SSDEEP

    24576:JjA3JA5kd4K53YAge64D1XGWRQoy7rNaVChPw6:JjGJABFAHVD1ITN8GL

Score
3/10

Malware Config

Signatures

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • kernelmode.zip
    .zip

    Password: Vayzer

  • kernelmode/goosext.exe
    .exe windows:6 windows x64 arch:x64

    Password: Vayzer

    1f0230d852ffc4fcc9411ae654a24300



  • kernelmode/kernelmode.sys
    .sys windows:10 windows x64 arch:x64

    13fcff0e0da006b212f6c2c9c4c02307



  • kernelmode/spoofer.exe
    .exe windows:5 windows x86 arch:x86

    Password: Vayzer

    bf5a4aa99e5b160f8521cadd6bfe73b8

