Overview: score 7
Static: score 7
Frozen Spo...me.dll (windows7-x64): score 1
Frozen Spo...me.dll (windows10-2004-x64): score 1
Frozen Spo...UI.dll (windows7-x64): score 1
Frozen Spo...UI.dll (windows10-2004-x64): score 1
Frozen Spo...I2.dll (windows7-x64): score 1
Frozen Spo...I2.dll (windows10-2004-x64): score 1
Frozen Spo...UI.dll (windows7-x64): score 1
Frozen Spo...UI.dll (windows10-2004-x64): score 1
Frozen Spo...an.exe (windows7-x64): score 7
Frozen Spo...an.exe (windows10-2004-x64): score 7

General
Target: Frozen Spoofer.rar
Size: 34.9MB
Sample: 240627-11kf2swemj
MD5: 8a93edd0031969834fc755632e90763c
SHA1: ea710727accc41d50b894fb7798302f6011b3e50
SHA256: 85bbf058c82fa2979a3f3fa7e9b300711cacdf5da405006f3ef0265d29bf368d
SHA512: 9d156c5f2f64b37fc2ebf60997b4cfdf4f9953e12a0a059930ced74a9dde761431925e3c5127026edc5fe2781a9bc08902e2ba013056bb0c43bf2b1c39a66fb5
SSDEEP: 786432:YBJThnJEz1K4XtozlSrttrX9r3FcF6CSwKKnfFr0Mf:uJTpJM1dXtAlSBF97FJWfmMf

Behavioral task: behavioral1
Sample: Frozen Spoofer/AgileDotNet.VMRuntime.dll
Resource: win7-20231129-en

Behavioral task: behavioral2
Sample: Frozen Spoofer/AgileDotNet.VMRuntime.dll
Resource: win10v2004-20240508-en

Behavioral task: behavioral3
Sample: Frozen Spoofer/Guna.UI.dll
Resource: win7-20240221-en

Behavioral task: behavioral4
Sample: Frozen Spoofer/Guna.UI.dll
Resource: win10v2004-20240508-en

Behavioral task: behavioral5
Sample: Frozen Spoofer/Guna.UI2.dll
Resource: win7-20240508-en

Behavioral task: behavioral6
Sample: Frozen Spoofer/Guna.UI2.dll
Resource: win10v2004-20240508-en

Behavioral task: behavioral7
Sample: Frozen Spoofer/Siticone.UI.dll
Resource: win7-20231129-en

Behavioral task: behavioral8
Sample: Frozen Spoofer/Siticone.UI.dll
Resource: win10v2004-20240508-en

Behavioral task: behavioral9
Sample: Frozen Spoofer/permunban.exe
Resource: win7-20240611-en

Behavioral task: behavioral10
Sample: Frozen Spoofer/permunban.exe
Resource: win10v2004-20240611-en

Malware Config
Targets
Target: Frozen Spoofer/AgileDotNet.VMRuntime.dll
Size: 328KB
MD5: f5483c14f581f42456fadae27ef55684
SHA1: 1b8e76c9fb37c9a8d1f8472e69198cbdb566dbba
SHA256: 64f398b6713fa649015fdd856c93bdd154031e9a2eefc0d4d5c1b96d90b42475
SHA512: 4bd032dfdf8a1ff4550f6ed97ac43ead0f547da59c4015759dc4a3086cc911d53ea4691f509589c4c3e920f3d85266143c2d02f33db2d5ac3ee103ee77571186
SSDEEP: 6144:WIwJ8mHw8daY2WMAqoKWvEpksAxg35oNoQXjRwfxXo+:nHr9
Score: 1/10

Target: Frozen Spoofer/Guna.UI.dll
Size: 1.1MB
MD5: 8673eae95d67e5eb19f0eca3111408e8
SHA1: ad3e1ce93782537ffd3cd9e0bb9d30ae22d40ddb
SHA256: 576d2de2c9ef5bc1ea9bdd73ae8f408004260037c3b72227eed27e995166276d
SHA512: 65c4eadf448a643f45fa9a0d91497bb25af404c41a3a32686d9e99ba4f4e50783d73f5b13d5df505cc62c465be300746d84a2eaa8000531893cd0b19d6436239
SSDEEP: 24576:hUsmpWNSUFmCqJPNsTuJDYYviEcHy1t6Y:hSUQWSF8q
Score: 1/10

Target: Frozen Spoofer/Guna.UI2.dll
Size: 3.8MB
MD5: a29c7159170dc36961cc7c6ae0ac6e40
SHA1: 8fcaff77cda4dfca269f12d7f7284bd1dfb35df3
SHA256: 8e0ebe5cebbcb46b3e870b6bfb20412a52f534240846220b7a5da7cad2d71903
SHA512: 475b1695efc339b52d052ff17e7f9e245e1973f5fa93b79f482fb8baf9757d539cd8d5582544663824d091ad6919e315c0c524b055756a219bbf2fd901bd3537
SSDEEP: 24576:cVaMMD+dmfoN6y42wVXXicKsZv76OqM8wd/8++XJVkhIiA6Gu1cJCyHQ/jzhpb:tAR7wVCEZvum8wJ6T6nmO
Score: 1/10

Target: Frozen Spoofer/Siticone.UI.dll
Size: 1.3MB
MD5: 750c58af2e56b6addecffcf152520ab8
SHA1: 14995e7f1d12498606d9d209d78d55fe6fd87802
SHA256: 27c56a28cbde094157206da1bfcd7a395111ab97b8a5ff600b11c2175dcefb26
SHA512: 2179790e23f61b3dfea828457f8609279c70b1e071cddc73b1dbda02caa664e0aae2553fc24a4956f9e89c477d66b1a704bde26fa23bc6db26c19e18db00abb5
SSDEEP: 24576:QVMCtIZJntOFmMlMqPilaiS4Yr6ugPngPfjv9tLF2cH8gb:u8NlaVeuHFb
Score: 1/10

Target: Frozen Spoofer/permunban.exe
Size: 33.1MB
MD5: 26a0ee034198a3163d7a4855dd246e63
SHA1: 71fbd2e16a4c4ddaba065f8fd1d81e9f365f38a7
SHA256: 28eae7cb4ab18555df3a1209513dffbfc27a8a098ad0b36754ac82eda131fd88
SHA512: 88d1c582dbaca74d3b28541d465c2d678c594763e6098e327cc14a86da237e59b9444e18aac31da3e4b4fc77c8124363a66b64564dc40234a93d7b1fb18a9d04
SSDEEP: 786432:5C1LbwgI7+I+w32BcdcfgEbZzIdUieRWacVqGiiihca:AYgI7GY2eGjbZzIheR/cVqGwh
Score: 7/10
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.