Grey_Spoofer_protected-_SENHA_123[.]zip

Resubmissions

19/04/2024, 16:06

240419-tj9ahsgf44 7

19/04/2024, 16:04

240419-thzdxsge86 7

Sharing

Copy URL Twitter E-mail

General

Target

Grey_Spoofer_protected-_SENHA_123.zip
Size

5.9MB
MD5

1516187910688c2c484537c02520f2b2
SHA1

9a25ba596bb4fb1fcd58c70e76663b44090e9515
SHA256

c50c5dc1cc4737f54eabc153bed9608c8b36ccd675334d4a3c62270d9f7bf7bb
SHA512

de8849764cabf65d3545c06bb3a19272e12aa453f8182433f5ff1c9e914f6ad7dfae08d43e644bbb167647a39cb13156a0a069157e6241261c7ed165409a70df
SSDEEP

98304:WW+vF88hYtJwRIbuVzIX9Y8u6A6ID1jOmAcNg38l13PfZPjYWDL+Hsj:WxthQSIadIX9YXdHVv5Ng3gfZPjNLf

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
static1/unpack001/Grey_Spoofer_protected- SENHA 123/Grey Spoofer_protected.exe	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Grey_Spoofer_protected- SENHA 123/Grey Spoofer_protected.exe

Files

Grey_Spoofer_protected-_SENHA_123.zip
.zip
Grey_Spoofer_protected- SENHA 123/Grey Spoofer_protected.exe
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

Size: 636KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 139KB - Virtual size: 353KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 1.2MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 32KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 275B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.imports
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 5.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.taggant
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Grey_Spoofer_protected- SENHA 123/imgui.ini
Grey_Spoofer_protected- SENHA 123/patched.1337

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

Size: 636KB - Virtual size: 1.2MB

Size: 139KB - Virtual size: 353KB

Size: 1.2MB - Virtual size: 2.0MB

Size: 32KB - Virtual size: 55KB

Size: 275B - Virtual size: 488B

Size: 2KB - Virtual size: 4KB

.imports Size: 2KB - Virtual size: 4KB

.tls Size: 10KB - Virtual size: 12KB

.rsrc Size: 512B - Virtual size: 4KB

.themida Size: - Virtual size: 5.5MB

.boot Size: 3.9MB - Virtual size: 3.9MB

.reloc Size: 512B - Virtual size: 4KB

.taggant Size: 8KB - Virtual size: 8KB

.imports
Size: 2KB - Virtual size: 4KB

.tls
Size: 10KB - Virtual size: 12KB

.rsrc
Size: 512B - Virtual size: 4KB

.themida
Size: - Virtual size: 5.5MB

.boot
Size: 3.9MB - Virtual size: 3.9MB

.reloc
Size: 512B - Virtual size: 4KB

.taggant
Size: 8KB - Virtual size: 8KB