General
-
Target
Spoofer-V2.exe
-
Size
7.3MB
-
Sample
240624-1jjs7awdqk
-
MD5
2cb0c308999d3a1b70fd9b9151a4120c
-
SHA1
82e6238433e83cd4c94108748439f93c861e73fa
-
SHA256
b10488502194f6a2ba6bdf545d38f5c636f0f821564b0a174a573beaee2dfe01
-
SHA512
15fd8ace5ff6ff21a8f218fd900adab75017dbb3c6a7cbe84643627b6e44de307f74dd2a2dde928b02d9cace0074767bf0cf9d4ed2caf58c5ef7850aa601f046
-
SSDEEP
196608:D10cDepLjv+bhqNVoBKUh8mz4Iv9Pfu1D78:WieRL+9qz8/b4IBuR8
Behavioral task
behavioral1
Sample
Spoofer-V2.exe
Resource
win10-20240611-en
Malware Config
Targets
-
-
Target
Spoofer-V2.exe
-
Size
7.3MB
-
MD5
2cb0c308999d3a1b70fd9b9151a4120c
-
SHA1
82e6238433e83cd4c94108748439f93c861e73fa
-
SHA256
b10488502194f6a2ba6bdf545d38f5c636f0f821564b0a174a573beaee2dfe01
-
SHA512
15fd8ace5ff6ff21a8f218fd900adab75017dbb3c6a7cbe84643627b6e44de307f74dd2a2dde928b02d9cace0074767bf0cf9d4ed2caf58c5ef7850aa601f046
-
SSDEEP
196608:D10cDepLjv+bhqNVoBKUh8mz4Iv9Pfu1D78:WieRL+9qz8/b4IBuR8
-
Drops file in Drivers directory
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Hide Artifacts: Hidden Files and Directories
-