General

  • Target

    spoofTRON.rar

  • Size

    6.9MB

  • MD5

    119f858d1c1250058fb4d5f6012dde2c

  • SHA1

    2206adf2ef2245468ab25b65dab86cdbdd6836d3

  • SHA256

    385e2cb864a7d92b88c019f82b9e6c6a9aaabfcff678cdac8adeec8ec929257c

  • SHA512

    29c2ac78289757a2bdd46596b40fe767280c5f1307b657f58abfba17db8b533e41c3fb0f9e06861de2dcdcd8708217411b6e502c96837f7cd8214b186f47a7e2

  • SSDEEP

    98304:WtsHYPkC+R1zsli0CsoI+ecyiM+vuo3HRheWjpYIEnwi2+LQ7bHgl9Yb5:Wts48DSHoruo32KYno+LmbgAb5

Score
10/10

Signatures

  • A stealer written in Python and packaged with PyInstaller (1 IoC)
  • Blankgrabber family
  • Unsigned PE (2 IoCs)

    Checks for missing Authenticode signature.

Files

  • spoofTRON.rar
    .rar

    Password: winware

  • SPOOFtron/Driver/SPOOFTRONDriver.exe
    .exe windows:5 windows x86 arch:x86

    Password: winware

    1a63922d5931d1bb8ca5188313f78eaa


  • SPOOFtron/SpoofTRON.exe
    .exe windows:6 windows x64 arch:x64

    Password: winware

    72c4e339b7af8ab1ed2eb3821c98713a


  • ��ۛ��.pyc