D:\FOLDERS\Sources\Spoofers\kinse.cc temp spoofer s\New imgui\examples\example_win32_directx11\Release\kinse.cc spoofer.pdb
General
-
Target
kinse.cc_spoofer.exe
-
Size
8.0MB
-
MD5
3057fc4b812bc44b47859a890b56940b
-
SHA1
04ba800125ae032ae388906a9d543fcf15f56e55
-
SHA256
96dddce6a40d49e7753f389e14108abe417af619eef0a2d48d3cca5aff90d274
-
SHA512
237afb4872933629207d9bf21475b6bf525b19db226e15f7e325e792581d280bd7b4216f51b8cfdd8a34011b0c810f923db2ad89f3d488ef1e9b86cf188c5893
-
SSDEEP
196608:THGCtPb0t/IiLJ0KqoydYdYnz8UetcJinUE:THGC1b0t/IfK5d8ozcJ6UE
Score
7/10
Malware Config
Signatures
-
resource yara_rule sample vmprotect -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource kinse.cc_spoofer.exe
Files
-
kinse.cc_spoofer.exe.exe windows:6 windows x64 arch:x64
6c677b52d1c391c2249b2369eb57fb54
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
d3d11
D3D11CreateDeviceAndSwapChain
d3dcompiler_43
D3DCompile
kernel32
LocalFree
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress
user32
ReleaseCapture
GetUserObjectInformationW
GetProcessWindowStation
GetUserObjectInformationW
advapi32
IsValidSid
shell32
ShellExecuteA
msvcp140
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
imm32
ImmSetCandidateWindow
dwmapi
DwmExtendFrameIntoClientArea
d3dx11_43
D3DX11CreateShaderResourceViewFromMemory
ntdll
RtlInitUnicodeString
normaliz
IdnToAscii
wldap32
ord46
crypt32
PFXImportCertStore
ws2_32
closesocket
shlwapi
PathFindFileNameW
rpcrt4
UuidCreate
psapi
GetModuleInformation
userenv
UnloadUserProfile
vcruntime140
__std_terminate
vcruntime140_1
__CxxFrameHandler4
api-ms-win-crt-string-l1-1-0
strcmp
api-ms-win-crt-runtime-l1-1-0
_getpid
api-ms-win-crt-stdio-l1-1-0
_lseeki64
api-ms-win-crt-heap-l1-1-0
malloc
api-ms-win-crt-utility-l1-1-0
qsort
api-ms-win-crt-math-l1-1-0
cosf
api-ms-win-crt-convert-l1-1-0
strtoll
api-ms-win-crt-filesystem-l1-1-0
_stat64
api-ms-win-crt-time-l1-1-0
_gmtime64
api-ms-win-crt-environment-l1-1-0
getenv
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
wtsapi32
WTSSendMessageW
Sections
.text Size: - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: - Virtual size: 393KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 2.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.vmp0 Size: - Virtual size: 3.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.vmp1 Size: 8.0MB - Virtual size: 8.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 212B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 469B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ