General

Malware Config

Signatures

Files

• Hyper-HWID-Spoofer.zip

  .zip
• Hyper HWID Spoofer/Hyper Spoofer.exe

  .exe windows:6 windows x64 arch:x64

  6dbf27f4c70fe2c8ed3e0122ba75d641

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_GUARD_CF

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  PDB Paths

  D:\a\_work\1\s\artifacts\obj\win-x64.Release\corehost\apphost\standalone\apphost.pdb

  Imports

  kernel32

  FindNextFileW

  GetCurrentProcess

  GetModuleHandleExW

  GetModuleFileNameW

  LeaveCriticalSection

  InitializeCriticalSection

  GetEnvironmentVariableW

  FindClose

  MultiByteToWideChar

  GetLastError

  GetFileAttributesExW

  GetFullPathNameW

  GetProcAddress

  DeleteCriticalSection

  WideCharToMultiByte

  IsWow64Process

  LoadLibraryExW

  FreeLibrary

  TlsFree

  TlsSetValue

  TlsGetValue

  TlsAlloc

  EnterCriticalSection

  FindFirstFileExW

  OutputDebugStringW

  LoadLibraryA

  GetModuleHandleW

  InitializeCriticalSectionAndSpinCount

  SetLastError

  RaiseException

  RtlPcToFileHeader

  RtlUnwindEx

  InitializeSListHead

  GetSystemTimeAsFileTime

  GetCurrentThreadId

  GetCurrentProcessId

  QueryPerformanceCounter

  IsDebuggerPresent

  IsProcessorFeaturePresent

  TerminateProcess

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  RtlVirtualUnwind

  RtlLookupFunctionEntry

  RtlCaptureContext

  LCMapStringEx

  DecodePointer

  EncodePointer

  InitializeCriticalSectionEx

  GetStringTypeW

  user32

  MessageBoxW

  shell32

  ShellExecuteW

  advapi32

  RegOpenKeyExW

  RegGetValueW

  DeregisterEventSource

  RegisterEventSourceW

  ReportEventW

  RegCloseKey

  api-ms-win-crt-runtime-l1-1-0

  _exit

  __p___argc

  _initterm_e

  _initterm

  _get_initial_wide_environment

  _invalid_parameter_noinfo_noreturn

  _initialize_wide_environment

  _configure_wide_argv

  _initialize_onexit_table

  _set_app_type

  __p___wargv

  _seh_filter_exe

  _register_onexit_function

  _cexit

  terminate

  _errno

  exit

  abort

  _crt_atexit

  _c_exit

  _register_thread_local_exe_atexit_callback

  api-ms-win-crt-stdio-l1-1-0

  setvbuf

  fflush

  _wfopen

  __stdio_common_vswprintf

  __stdio_common_vfwprintf

  _set_fmode

  __stdio_common_vsprintf_s

  __acrt_iob_func

  fputwc

  fputws

  __p__commode

  api-ms-win-crt-heap-l1-1-0

  _set_new_mode

  _callnewh

  free

  malloc

  calloc

  api-ms-win-crt-string-l1-1-0

  wcsnlen

  strcpy_s

  _wcsdup

  strcspn

  wcsncmp

  toupper

  api-ms-win-crt-convert-l1-1-0

  _wtoi

  wcstoul

  api-ms-win-crt-locale-l1-1-0

  setlocale

  ___lc_locale_name_func

  localeconv

  _unlock_locales

  _lock_locales

  ___mb_cur_max_func

  _configthreadlocale

  __pctype_func

  ___lc_codepage_func

  api-ms-win-crt-math-l1-1-0

  frexp

  __setusermatherr

  api-ms-win-crt-time-l1-1-0

  _gmtime64_s

  _time64

  wcsftime

  Sections

  .text

  Size: 97KB - Virtual size: 96KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 37KB - Virtual size: 36KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 2KB - Virtual size: 5KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .pdata

  Size: 5KB - Virtual size: 5KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  _RDATA

  Size: 512B - Virtual size: 244B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 1024B - Virtual size: 792B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

• Hyper HWID Spoofer/Hypermenu.xyz.dll

  .exe windows:4 windows x86 arch:x86

  f34d5f2d4577ed6d9ceec516c1f5a744

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_NO_SEH

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  PDB Paths

  C:\Users\whatw\Desktop\SecHex-CMDLINE\RPZ-HWID\obj\Release\net6.0\Hypermenu.xyz.pdb

  Imports

  mscoree

  _CorExeMain

  Sections

  .text

  Size: 19KB - Virtual size: 19KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 1KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 512B - Virtual size: 12B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

• Hyper HWID Spoofer/Hypermenu.xyz.runtimeconfig.json