MeeV Spoofer[.]rar

Sharing

Copy URL

Twitter E-mail

General

Target

MeeV Spoofer.rar
Size

24.1MB
MD5

7797b922d3e1adb0b167bccc4735d534
SHA1

0591df178752dd4cf3a82628fa445074c5909f13
SHA256

8815d4597cdc668da03392cab1118fda3988a5e0a16bb64711cfc188358887a8
SHA512

c4c3255d9c9dbd6fea7c849c4e598eaa4e839b21636cf3bc5d5cb3d526aad8cdd499a4ab44849e5f8842bb1dccec98d39f7606266ea79ba6173cbc9c7aabf26d
SSDEEP

786432:oGpi5th8XvTF7foyqAoC1uH4kXr6xew/N1:ogi5b8BoyToCsH4k+xR7

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/MeeV Spoofer/MeeV Spoofer.dll
unpack001/MeeV Spoofer/MeeV Spoofer.exe

Files

MeeV Spoofer.rar
.rar
MeeV Spoofer/MeeV Spoofer.deps.json
MeeV Spoofer/MeeV Spoofer.dll
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\ZerooDay\source\repos\MeeV Spoofer\MeeV Spoofer\obj\Release\net8.0\MeeV Spoofer.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 33.4MB - Virtual size: 33.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 261KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MeeV Spoofer/MeeV Spoofer.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 257KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MeeV Spoofer/MeeV Spoofer.runtimeconfig.json
MeeV Spoofer/runtimes/win/lib/net8.0/System.Management.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:03:d2:da:19:16:5d:6d:c7:49:af:00:00:00:00:03:d2
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22/02/2024, 20:25

Not After

19/02/2025, 20:25

Subject

CN=.NET,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e4:0d:7f:4c:77:53:36:ee:60:59:f2:5d:4c:80:50:32:e6:2d:87:02:c6:7d:59:cf:82:bd:9a:e9:5b:6c:67:3b
Signer

Actual PE Digest

e4:0d:7f:4c:77:53:36:ee:60:59:f2:5d:4c:80:50:32:e6:2d:87:02:c6:7d:59:cf:82:bd:9a:e9:5b:6c:67:3b

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

/_/artifacts/obj/System.Management/Release/net8.0-windows/System.Management.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 292KB - Virtual size: 291KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 33.4MB - Virtual size: 33.4MB

.rsrc Size: 261KB - Virtual size: 260KB

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 118KB - Virtual size: 118KB

.rsrc Size: 257KB - Virtual size: 257KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:03:d2:da:19:16:5d:6d:c7:49:af:00:00:00:00:03:d2Certificate

Extended Key Usages

61:0e:90:d2:00:00:00:00:00:03Certificate

Key Usages

e4:0d:7f:4c:77:53:36:ee:60:59:f2:5d:4c:80:50:32:e6:2d:87:02:c6:7d:59:cf:82:bd:9a:e9:5b:6c:67:3bSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 292KB - Virtual size: 291KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 33.4MB - Virtual size: 33.4MB

.rsrc
Size: 261KB - Virtual size: 260KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 118KB - Virtual size: 118KB

.rsrc
Size: 257KB - Virtual size: 257KB

.reloc
Size: 512B - Virtual size: 12B

33:00:00:03:d2:da:19:16:5d:6d:c7:49:af:00:00:00:00:03:d2
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

e4:0d:7f:4c:77:53:36:ee:60:59:f2:5d:4c:80:50:32:e6:2d:87:02:c6:7d:59:cf:82:bd:9a:e9:5b:6c:67:3b
Signer

.text
Size: 292KB - Virtual size: 291KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B