HWID Spoofer v5[.]5[.]0[.]0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

HWID Spoofer v5.5.0.0.exe
Size

14.2MB
MD5

413f9043024691ff066071a7b6f3c583
SHA1

0f28decaf822e4be7e3b27b1e994d4ffce1aaaee
SHA256

2298e614ed79ddd594741aa4ff9e2f204ed64f2edcb05bcf951c08f16c2db853
SHA512

2d4fdefbca8f18206279eb4dffc322b91b8d80af913bea83b7dc42aca665051c5d27bd1749fbc1c26af21d71819e545d1eae524b8fecdd50ca7a7a7d10cace63
SSDEEP

393216:E37NqStNSpPSPoQ8IS+pIjsiSyLep82wy2C:EdtNStioQ8I9rryLAwW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
HWID Spoofer v5.5.0.0.exe

Files

HWID Spoofer v5.5.0.0.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

d/=0 v\
Size: 950KB - Virtual size: 950KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

d/=0 v\
Size: 950KB - Virtual size: 950KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 12.4MB - Virtual size: 12.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

FZHnshIV
Size: 512B - Virtual size: 22B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.????
Size: 512B - Virtual size: 276B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

f039fef0
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ