HwidSpoofer[.]com Remake Bender[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

HwidSpoofer.com Remake Bender.exe
Size

872KB
MD5

1e29ec86f878e9e2414d54db2a084e28
SHA1

8756dfb5d2ea3d744e974cf1f99216481688a2d0
SHA256

0f97ab45e1e9ee3e8ea8d9c4c49e8d129024662bca72d0e3821bb8858e60f737
SHA512

dbcd228072d339d4566db505a645a2e06eeafbcfb8b7c8cbae9b5f5fefde6380d39ce071c248c2bb141e7330638bad19c84f11c9146537170f26b68a26757118
SSDEEP

24576:8XQXsaajFr1F8WvemMCsu6W5Gb5fceCr8Yr:8gHAF5cdCbcxcUYr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
HwidSpoofer.com Remake Bender.exe

Files

HwidSpoofer.com Remake Bender.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Windows.old\Users\leonk\Desktop\Bender Remakes\Remakes\HwidSpoofer.com Remake\HwidSpoofer.com Remake Bender\HwidSpoofer.com Remake Bender\obj\Debug\HwidSpoofer.com Remake Bender.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 869KB - Virtual size: 868KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ