freezeusspoof[.]sys | Triage

Submit
Reports

Static

static

1

Sharing

Static task

static1

General

Target

freezeusspoof.sys
Size

6KB
MD5

e43800e2c3e125b5e974b24788655c7b
SHA1

8415e50d8dc20ae7c44160a36f23547dc3138fc4
SHA256

914f9cb73f41ed77465d67e2b1f1d9a2d34cd375fce6be97e4964fa11fdd0582
SHA512

389a853df8f328bb427ad27d84ddeb523be81800287cc73ee8783e108600f81115c93a82252c8d0d261a0a26e549bc9e2f7d06037983be06ea4ff39bf604f92d
SSDEEP

96:eYvW5JAQ7P7o7wDExTSHWj7B1QEooZzsBzZwAS7S:emWPAQb7sQSYc4Bz9WS

Score

1^/10

Malware Config

Signatures

Files

freezeusspoof.sys
.sys windows:10 windows x64 arch:x64

410b48edaf470cbb2b101861e4c35b6b

Code Sign

8d:b7:d8:61:21:59:8f:20
Certificate

Issuer

CN=385a920c-b903-4856-9fb8-4085487b8d00

Not Before

04/09/2021, 12:00

Not After

05/09/2022, 00:00

Subject

CN=385a920c-b903-4856-9fb8-4085487b8d00

20:f6:06:e8:51:16:34:51:bf:81:32:e6:8d:9d:8b:97:dd:7a:fe:8b
Signer

Actual PE Digest

20:f6:06:e8:51:16:34:51:bf:81:32:e6:8d:9d:8b:97:dd:7a:fe:8b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\nicov\OneDrive\Desktop\Spoofer Source\Driver\Driver\build\bin\Premium.pdb

Imports

ntoskrnl.exe

RtlInitUnicodeString
ExAllocatePoolWithTag
ExFreePoolWithTag
ObfDereferenceObject
IoEnumerateDeviceObjectList
ObReferenceObjectByName
IoDriverObjectType
strstr
ZwQuerySystemInformation

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 700B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 512B - Virtual size: 342B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy