a97139cfc3e5cef33099ea2060ae09e8b4fcf57670b5e8e258abe6276f524202

Sharing

Copy URL

Twitter E-mail

General

Target

HWID-SPOOFER-main.zip
Size

584KB
Sample

240222-lq8nkafd3s
MD5

11ed4ded2334ca14c0541f331f86135b
SHA1

d8cc4de6616d799a40fbe371bb3f954b4547024f
SHA256

a97139cfc3e5cef33099ea2060ae09e8b4fcf57670b5e8e258abe6276f524202
SHA512

6e2d49dcfa5796eda0b66c8c170856911d0eaa5933ca218b8eab43e1cc014b7bc42623a4b7b4cdf6f46659f9faac092c8e1be4e36921ae461a5fefa88caa9ea5
SSDEEP

12288:4KSmTFPvU4UE33I1xmRjJiulBy0WmuUP0asQHLXEEtgw:4bmpXU4rHI1xSiuWZUq8LXEogw

Score

10^/10

Malware Config

Targets

- Target
  
  HWID-SPOOFER-main/Commands/Hidden/Adapters.exe
- Size
  
  335KB
- MD5
  
  934bbc5411c532964f3bbe42cb1c1785
- SHA1
  
  dcddde340e7f080716abaa456971b9aa85bd084b
- SHA256
  
  b3de6d10d9f94037b88f736609e50a8a4c4d516ca50107dedd575797a654c28e
- SHA512
  
  8db126cb8381fe84afe25b25e854eb8de25e43f2638e0d87740ce3fe33338b032b09d9551655afedecfe39cb7482f88e72ccdb28afb59684474084a28da71cb2
- SSDEEP
  
  6144:QlGlXIiIGWbsTXO/P/bbUmmUhquD2S6FEJQzZnCvTkJCps9Q18RQj7dVJTrQkEj2:QlGlXIiIGWbsTXO/P/3mUhquD2S6DzZl
Score

1^/10
behavioral1
- Target
  
  HWID-SPOOFER-main/Commands/Hidden/Adapters2.exe
- Size
  
  341KB
- MD5
  
  bb36d4578ce201dc932ab6bbc079875c
- SHA1
  
  f614f8211bba9d578eb19e7d96a0314b5a51e662
- SHA256
  
  4c831252aa6f193c4474ba74f352bee7d00099dfaf5ac6e98ab1253e21999b4a
- SHA512
  
  ea66cffc96403f69f1b1a3e4f7b0c2fb5045655e2f10772f4d0e5dc9d0243e99c972ae9247c597de680ed7886896a335bc82dde8b162515f15ba368ff25fdebe
- SSDEEP
  
  6144:zlxFkdqBBydxtri9gvdRWKPmawYItN6atI/cFVygZnCv6hqGPs7fYv8dMQZgxiQT:zlxFkdqBBydxtri9gvdRWKPmawYItwax
Score

1^/10
behavioral2
- Target
  
  HWID-SPOOFER-main/Commands/Hidden/AlternateStreamView.exe
- Size
  
  109KB
- MD5
  
  caede4f12ac17f3e0ad8e3c923fd510a
- SHA1
  
  107616433f973110664ceda2ca64c21fb7a92825
- SHA256
  
  669ce40107a2e05fc93dd37df55c77eb155705b449b2e236423e8bb96b9985f0
- SHA512
  
  69898a4d39ba4415da8c8e5eb8a1a012d4db87f24e61f63a50b3af07e65d2aed6cc4b24ed315e5a20dea91fa1903fac92a5eefbbff8b8cb90c7259413cd93162
- SSDEEP
  
  3072:6SuY8BQkSJllKctuKvF2CIlMd1krc1uRCiOoCW7ZlFzG:E0wY25facROh
Score

3^/10
behavioral3
- Target
  
  HWID-SPOOFER-main/Commands/Hidden/Block.exe
- Size
  
  119KB
- MD5
  
  5782b8d469bbc9045ebd2316c2aefbd5
- SHA1
  
  f679adea19ac0e88a50cfefb88825a086102f77d
- SHA256
  
  dfd08e1d7a34bae6836b3915b45b8637b85cdc998198c5bf148fba5e96f15c21
- SHA512
  
  e57ed92d3c916b89e5f830fb52a63b330e404ea91a7cc0e0b0e8cfb03f9bea7252f1fa8fcf3950ae2bd404dcd189eeac27bcdc1cf529acd8ebde0bc5f457d023
- SSDEEP
  
  3072:u2sMWkzbJh1qZ9QW69hd1MMdxPe9N9uA0hu9TBfcXnI:PbJhs7QW69hd1MMdxPe9N9uA0hu9TBKI
Score

3^/10
behavioral4
- Target
  
  HWID-SPOOFER-main/Commands/Hidden/UnbanComplete.vbs
- Size
  
  49B
- MD5
  
  4edf8ecaf575c93e307bdce09aa46e8c
- SHA1
  
  76c189b32fd69a3694e1dd14776cee1c1cc6c483
- SHA256
  
  537f70f7b018610dfedd4bcecf041d845eab0c673e129185c2345eb68a95fe77
- SHA512
  
  ce5921344aadcc9fce5141d416ca92e5772c1c37a0e8724c09c6c2ac579528a21e5fc8659c91db68810763b403fd9760d75102f6c22db84f8f5fe13fefaf6f1a
Score

1^/10
behavioral5
- Target
  
  HWID-SPOOFER-main/Commands/Hidden/process.bat
- Size
  
  1001B
- MD5
  
  2d3f9b2d001abd6e58ac6f0e7337c619
- SHA1
  
  7053a604a394f479b643783098adb056d69a404b
- SHA256
  
  ef702ce2f8fb1bc71fb60e8b95cb83cef4fa66aa96afd7ca4fd67c96530b6e53
- SHA512
  
  60d4a7e203e37194f4a78f1c581728197b3cd6581d70e185ba6d0d8206aca3a732319b28fef776028015615ebc0ab164a9c935081cd2496b866c63ad6358fccf
Score

1^/10
behavioral6
- Target
  
  HWID-SPOOFER-main/Commands/Hidden/spoofer.sys
- Size
  
  6KB
- MD5
  
  96756deaff1b2667883d4a21e43f4f65
- SHA1
  
  bce3d6fb9eec3f2d2695d96e61442a58039d594a
- SHA256
  
  1992c044963f5c77aa7b5462e2bb69a37c66bc0e13032524fb1663c0314fd420
- SHA512
  
  b6f472c8296bbef5da4baf638e98c2e0c42ba3fa783c69a6c0cc1e2f92f4c365d6d1c0bcf26e1644bacd4a001fd97c19b5fe2b616ba3c0982fc7edefcb59ef7f
- SSDEEP
  
  96:eA/w8VE6wC4NrkXyhWZ2JMQ4LI5aUZ1ZM2a3:v/f/skjZAMTOA2a3
Score

1^/10
behavioral7
- Target
  
  HWID-SPOOFER-main/hwid spoofer COMPILED.exe
- Size
  
  241KB
- MD5
  
  eec490e25c753e798f20ee46c9bafc13
- SHA1
  
  4028e1e662d2051df15ce995f31bfc33e30701c5
- SHA256
  
  45bc77923d69aa49cb17de2983e406947057d257598733fb1727df4337f3686d
- SHA512
  
  8a5d76be7e1f03b0902fdb6a1e54da0efc22290167fa9ea2d69deded25af6623e7df37bc48c5040fec39630ed8dec3a052a564d8d7763f4f526bd105e0f13753
- SSDEEP
  
  3072:iZA27AXttpo+FN2EtWmsB+fIeocGlF/CKy5dg5U3B07TafV+S6bPllb9eAg0FujZ:imL8ZhF/bybgKxdV99AOGyoPGCm
Score

8^/10
- Blocklisted process makes network request
- Suspicious use of SetThreadContext
behavioral8
- Target
  
  HWID-SPOOFER-main/hwid.ps1
- Size
  
  3KB
- MD5
  
  05673d49cc5f31e3d4812b7cb7419641
- SHA1
  
  07b3b298b067439da6e6ae37e51bb1701c33165a
- SHA256
  
  c7c54526b07f457e58d423ab22d61a0efd78ad112be2ef0a1efe6c25013df185
- SHA512
  
  5f5f380a3cad0cf1aa95244d6b1fca4ccdd10c8c882e045405d5600f242b8ed3306f485a3396db9c362f345b79b03d2db79aad7a1d92f09167beea0acf524d32
Score

1^/10
behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Process Discovery

T1057

Query Registry

T1012

Remote System Discovery

T1018

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Blocklisted process makes network request

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9