Drexys Spoofer[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Drexys Spoofer.exe
Size

121KB
MD5

200f87d6747cc468c964681c59a4f8ab
SHA1

9b4f03ca5b1eedfa283af0e62915e809cb285c8f
SHA256

1ee6fe475b65d104c7c3cef424fc8e98dbe143f89e818a21e5c641a9b1a28415
SHA512

0c708352275dd83aacd7cb5929601c941e2579f91fa8df90a79f8d7b56ef78142795db281b1be4b2dda0596c3bbde3cfaa2e5fc146905f6b8476b005e574e959
SSDEEP

1536:HU4SM9u6R2OyovxT+vda0C/Ui3SFSquQt1YipNo4OggA1Lpt8T+UTRp29sVb4goG:HUdM1CMT9szA4tOicW7t9m4WJqQqY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Drexys Spoofer.exe

Files

Drexys Spoofer.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\harri\Desktop\ass remake\niggerspoofa\obj\Debug\HwidSpoofer.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ