Midnight Free Spoofer[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

Midnight Free Spoofer.exe
Size

628KB
MD5

06b742bf91eeab375ddaeec222d0d775
SHA1

3ea38973fc496248f22e628947a597d554fe72dc
SHA256

4e0f3f9b79cd6447dd359ef80016a52fcce0d494208de910396d3a2d46234288
SHA512

a0d6cbfb24aee021999262931ea464363a20a91c184f84e49d49585a2aaed3576022fc23ac68d97f1cfced9e3b499f40b596f2f7ebb48815d22ad49fe6de261b
SSDEEP

12288:mS1BbKqH2K1P67lUjUDI7xn8LhiJgdk0nN23Y:z1QqHd1P67lUjn7xn83Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Midnight Free Spoofer.exe

Files

Midnight Free Spoofer.exe
.exe windows:6 windows x64 arch:x64

c688c5826fcf5d4caa75879b561a22de

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Water Bottle\Desktop\spooferv4\x64\Release\DirectX 9.pdb

Imports

d3d9

Direct3DCreate9

d3dx9_43

D3DXCreateTextureFromFileInMemory

gdi32

CreateRoundRectRgn

msvcp140

_Query_perf_frequency
?_Random_device@std@@YAIXZ
_Query_perf_counter
?_Xbad_function_call@std@@YAXXZ
?_Xlength_error@std@@YAXPEBD@Z

user32

DestroyWindow
GetWindowRect
DefWindowProcW
SetWindowRgn
PeekMessageW
MoveWindow
TranslateMessage
PostQuitMessage
UpdateWindow
OpenClipboard
CloseClipboard
EmptyClipboard
GetClipboardData
CreateWindowExW
GetKeyState
ScreenToClient
GetCapture
ClientToScreen
TrackMouseEvent
GetForegroundWindow
LoadCursorW
SetCapture
SetCursor
GetClientRect
IsWindowUnicode
ReleaseCapture
SetCursorPos
GetCursorPos
MessageBoxW
GetSystemMetrics
UnregisterClassW
RegisterClassExW
ShowWindow
SetClipboardData
DispatchMessageW

kernel32

GetStartupInfoW
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
GetModuleHandleW
VirtualAlloc
GlobalUnlock
WideCharToMultiByte
GlobalLock
GlobalFree
GlobalAlloc
QueryPerformanceCounter
FreeLibrary
GetProcAddress
QueryPerformanceFrequency
LoadLibraryA
MultiByteToWideChar

imm32

ImmGetContext
ImmSetCompositionWindow
ImmSetCandidateWindow
ImmReleaseContext

vcruntime140_1

__CxxFrameHandler4

vcruntime140

memcpy
memcmp
memchr
memmove
memset
_CxxThrowException
__C_specific_handler
__current_exception_context
__std_terminate
__std_exception_destroy
__std_exception_copy
strstr
__current_exception

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vfprintf
fclose
fwrite
fseek
__stdio_common_vsprintf
fread
_set_fmode
__stdio_common_vsscanf
_wfopen
fflush
__acrt_iob_func
__p__commode
ftell

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-string-l1-1-0

strncmp
strncpy
strcmp

api-ms-win-crt-heap-l1-1-0

_set_new_mode
free
_callnewh
malloc

api-ms-win-crt-runtime-l1-1-0

_register_thread_local_exe_atexit_callback
_c_exit
_exit
exit
_initterm_e
_initterm
system
_get_narrow_winmain_command_line
_invalid_parameter_noinfo_noreturn
_set_app_type
_seh_filter_exe
terminate
_cexit
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_crt_atexit

api-ms-win-crt-math-l1-1-0

fmodf
acosf
ceilf
sinf
__setusermatherr
sqrtf
cosf

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 324KB - Virtual size: 324KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 223KB - Virtual size: 227KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 516B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c688c5826fcf5d4caa75879b561a22de

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

d3d9

d3dx9_43

gdi32

msvcp140

user32

kernel32

imm32

vcruntime140_1

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 324KB - Virtual size: 324KB

.rdata Size: 67KB - Virtual size: 66KB

.data Size: 223KB - Virtual size: 227KB

.pdata Size: 11KB - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 1024B - Virtual size: 516B

.text
Size: 324KB - Virtual size: 324KB

.rdata
Size: 67KB - Virtual size: 66KB

.data
Size: 223KB - Virtual size: 227KB

.pdata
Size: 11KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 1024B - Virtual size: 516B