HWID-shifter-main[.]zip

Resubmissions

21/08/2024, 21:43

240821-1lb65awcjl 3

21/08/2024, 21:40

240821-1je51asapd 3

Sharing

Copy URL Twitter E-mail

General

Target

HWID-shifter-main.zip
Size

20KB
MD5

a0a2118f2c0e33bca51b50b9c2fedde4
SHA1

d05b5e1c70279e6c9466f81091e8063b53658c69
SHA256

6ae43a0f49ab49058b4ba5df0556e755eeec7e4fe2e71b7cdea0bf8720a08fae
SHA512

95f944dd949a5100859926aaa98896382c9adb5d91d67efc716c4b774847e71f5003cc7561a4a5f2d174ab98d2809cffe1530aa66181691a38f76405f746b2c9
SSDEEP

384:7DUlchSEo1N3sUVmm55Ire9BWMR3ru+0q4E2GCegvUnr:0lcxgN3Zw4AeXWUi+0Y2GCe5r

Score

1^/10

Malware Config

Signatures

Files

HWID-shifter-main.zip
.zip
HWID-shifter-main/README.md
HWID-shifter-main/Release/Run_Me.bat
.bat .vbs
HWID-shifter-main/Release/spoofer.sys
.sys windows:10 windows x64 arch:x64

917798694e8c78c6e26f61304feccd33

Code Sign

5c:63:39:e7:9d:25:ce:89:46:0d:1f:98:8a:0b:6c:44
Certificate

Issuer

CN=WDKTestCert VentrixCode\,131717327640159255

Not Before

25/05/2018, 14:39

Not After

25/05/2028, 00:00

Subject

CN=WDKTestCert VentrixCode\,131717327640159255

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageKeyEncipherment
KeyUsageDataEncipherment

99:95:e0:f4:6c:fa:4c:57:58:e5:d5:22:dd:45:40:41:f5:61:f6:f0
Signer

Actual PE Digest

99:95:e0:f4:6c:fa:4c:57:58:e5:d5:22:dd:45:40:41:f5:61:f6:f0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ntoskrnl.exe

RtlInitUnicodeString
KeQuerySystemTimePrecise
ExAllocatePool
ExFreePoolWithTag
RtlRandomEx
ObReferenceObjectByName
IoDriverObjectType

Sections

.text
Size: 1024B - Virtual size: 922B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 524B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 84B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 512B - Virtual size: 270B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
HWID-shifter-main/Source/.gitignore
HWID-shifter-main/Source/defs.h
HWID-shifter-main/Source/fnv.hpp
HWID-shifter-main/Source/hwid-shifter.sln
HWID-shifter-main/Source/hwid.cpp
HWID-shifter-main/Source/hwid.vcxproj
HWID-shifter-main/Source/hwid.vcxproj.filters
HWID-shifter-main/Source/serial_gen.cpp

Resubmissions

Sharing

General

Malware Config

Signatures

Files

917798694e8c78c6e26f61304feccd33

Code Sign

5c:63:39:e7:9d:25:ce:89:46:0d:1f:98:8a:0b:6c:44Certificate

Extended Key Usages

Key Usages

99:95:e0:f4:6c:fa:4c:57:58:e5:d5:22:dd:45:40:41:f5:61:f6:f0Signer

Headers

DLL Characteristics

File Characteristics

Imports

ntoskrnl.exe

Sections

.text Size: 1024B - Virtual size: 922B

.rdata Size: 1024B - Virtual size: 524B

.data Size: 512B - Virtual size: 84B

.pdata Size: 512B - Virtual size: 120B

INIT Size: 512B - Virtual size: 270B

5c:63:39:e7:9d:25:ce:89:46:0d:1f:98:8a:0b:6c:44
Certificate

99:95:e0:f4:6c:fa:4c:57:58:e5:d5:22:dd:45:40:41:f5:61:f6:f0
Signer

.text
Size: 1024B - Virtual size: 922B

.rdata
Size: 1024B - Virtual size: 524B

.data
Size: 512B - Virtual size: 84B

.pdata
Size: 512B - Virtual size: 120B

INIT
Size: 512B - Virtual size: 270B