abdispoofer[.]exe | Triage

Sharing

General

Target

abdispoofer.exe
Size

4.9MB
MD5

e6668af99f1078b03125d0d05ee0ea16
SHA1

8a63e74aceee47864ec8018eb30bab4911e6fa64
SHA256

247c2d4a4f3d90a0635b2c168b361b6b506e6fdd0f19fef1f69b089a71f3f59e
SHA512

3adfc15e11bee613d06f2f02655590bbc00fb04908c7df78c6e935ca2118eff94ce6034fa33b16bb6b1690fdbda9f8f02836ea97f504f85f8e4559748117aa97
SSDEEP

98304:QzWg2zCdPaQEd51GWRwDGpRIRmrHvkESY6SXvyQJkqXf0F7F:E52YyQEdOWyGpGGnB6SDJkSI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
abdispoofer.exe

Files

abdispoofer.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

5[jD1
Size: 976KB - Virtual size: 975KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ