JiMscript-Roblox-Executor-v1-main[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

JiMscript-Roblox-Executor-v1-main.zip
Size

15.0MB
MD5

f3e83df9721c9e5d4037d0fb5f4e2f4f
SHA1

9a419b191b30222f2d5976217c3a81c3af21ff93
SHA256

39cfacffb30de0c566db105323574a5a958f6789afb21086184b072eb6eb7716
SHA512

5f98f84aad3c5042825178079e5483f33263ca3bbadec47e072c5e08fe5888fb558f9b6dc3d644f0264f070415226e7614bcf442dc7c608afbbe659a13a8ab9c
SSDEEP

393216:+wxacXvnTYBD+4Xew6/E08ToiRJAM6GsC4yhJB2dG7p6gG:/xaGvwCOew6/E0yBRyMzJ4gG

Score

3^/10

Malware Config

Signatures

Unsigned PE 6 IoCs

Checks for missing Authenticode signature.

resource
unpack001/JiMscript-Roblox-Executor-v1-main/FastColoredTextBox.dll
unpack001/JiMscript-Roblox-Executor-v1-main/JiMscript Roblox Executor v1 ( open this ).exe
unpack001/JiMscript-Roblox-Executor-v1-main/WeAreDevs_API.dll
unpack001/JiMscript-Roblox-Executor-v1-main/exploit-main.dll
unpack001/JiMscript-Roblox-Executor-v1-main/finj.exe
unpack001/JiMscript-Roblox-Executor-v1-main/kernel64.sys.dll

Files

JiMscript-Roblox-Executor-v1-main.zip
.zip
JiMscript-Roblox-Executor-v1-main/FastColoredTextBox.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 320KB - Virtual size: 320KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
JiMscript-Roblox-Executor-v1-main/JiMscript Roblox Executor v1 ( open this ).exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
JiMscript-Roblox-Executor-v1-main/JiMscript Roblox Executor v1.exe.config
JiMscript-Roblox-Executor-v1-main/JiMscript Roblox Executor v1.pdb
JiMscript-Roblox-Executor-v1-main/WRDAPICONF.json
JiMscript-Roblox-Executor-v1-main/WeAreDevs_API.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 605KB - Virtual size: 604KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
JiMscript-Roblox-Executor-v1-main/exploit-main.dll
.dll windows:6 windows x86

7b18579f7ad1ee36f7523eac6825d158

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

freeaddrinfo
recvfrom
sendto
accept
WSACloseEvent
select
__WSAFDIsSet
WSACleanup
WSAGetLastError
recv
send
closesocket
ioctlsocket
connect
WSACreateEvent
WSASetLastError
WSAStartup
WSAEventSelect
WSAWaitForMultipleEvents
inet_ntop
WSAEnumNetworkEvents
bind
getsockname
socket
ntohs
htons
setsockopt
getaddrinfo
listen
gethostname
htonl
WSAIoctl
getsockopt
getpeername
WSAResetEvent

dbghelp

SymFunctionTableAccess
SymCleanup
SymInitialize
StackWalk
SymGetSymFromAddr
UnDecorateSymbolName
SymGetLineFromAddr
SymGetModuleBase

kernel32

WaitForSingleObjectEx
MoveFileExA
CloseHandle
GetModuleFileNameA
GetCurrentProcess
GetModuleHandleA
Sleep
GetCurrentThread
GetProcAddress
GetCurrentProcessId
GetConsoleWindow
SetConsoleTextAttribute
GetStdHandle
MultiByteToWideChar
GlobalAlloc
GlobalFree
GlobalLock
WideCharToMultiByte
GlobalUnlock
LoadLibraryA
QueryPerformanceFrequency
VerSetConditionMask
QueryPerformanceCounter
GetTickCount64
FormatMessageA
SetEvent
ResetEvent
CreateEventA
RaiseException
SetConsoleTitleA
CopyFileA
ReadFile
CreateNamedPipeA
SetConsoleMode
DisconnectNamedPipe
GetConsoleMode
DisableThreadLibraryCalls
FreeConsole
FreeLibrary
VerifyVersionInfoW
AllocConsole
ConnectNamedPipe
ReleaseSRWLockExclusive
GetFileType
PeekNamedPipe
WaitForMultipleObjects
CreateFileA
GetFileSizeEx
GetEnvironmentVariableA
LocalFree
GetLocaleInfoEx
CreateDirectoryW
CreateFileW
FindClose
FindFirstFileW
FindFirstFileExW
FindNextFileW
GetFileAttributesExW
SetFileInformationByHandle
AreFileApisANSI
GetModuleHandleW
GetFileInformationByHandleEx
InitOnceComplete
InitOnceBeginInitialize
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
CreateEventW
FormatMessageW
SetLastError
GetTickCount
GetSystemDirectoryA
SleepEx
GetLastError
IsDebuggerPresent
DeleteCriticalSection
GetSystemTimeAsFileTime
InitializeSListHead
AcquireSRWLockExclusive
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
GetCurrentThreadId
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

MessageBoxA
ShowWindow
RegisterClassExA
UnregisterClassA
CreateWindowExA
DefWindowProcA
CallWindowProcA
SetWindowLongA
DestroyWindow
GetWindowRect
SetClipboardData
GetClipboardData
EmptyClipboard
CloseClipboard
OpenClipboard
GetCursorPos
GetWindowLongA
SetCursorPos
GetSystemMenu
MonitorFromPoint
DeleteMenu
keybd_event
GetSystemMetrics
MapVirtualKeyA
mouse_event
RegisterClipboardFormatA
SendInput
LoadCursorA
ScreenToClient
GetCapture
ClientToScreen
IsChild
TrackMouseEvent
GetForegroundWindow
SetCapture
SetCursor
GetClientRect
ReleaseCapture

advapi32

CryptGetHashParam
CryptReleaseContext
CryptEncrypt
GetCurrentHwProfileA
CryptImportKey
CryptDestroyKey
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptGenRandom
CryptAcquireContextA

shell32

ShellExecuteA

msvcp140

?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Getcvt@_Locinfo@std@@QBE?AU_Cvtvec@@XZ
?uncaught_exception@std@@YA_NXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@H@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Winerror_map@std@@YAHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?_Syserror_map@std@@YAPBDH@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAPAD0PAH001@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBD_J@Z
?always_noconv@codecvt_base@std@@QBE_NXZ
??Bid@locale@std@@QAEIXZ
?_Random_device@std@@YAIXZ
?_Throw_Cpp_error@std@@YAXH@Z
?_Throw_C_error@std@@YAXH@Z
_Cnd_do_broadcast_at_thread_exit
_Thrd_detach
?_Xbad_function_call@std@@YAXXZ
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
_Query_perf_frequency
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
_Query_perf_counter
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_K@Z
_Xtime_get_ticks
_Mtx_destroy_in_situ
_Mtx_lock
_Mtx_init_in_situ
_Thrd_sleep
_Mtx_unlock
?_Xinvalid_argument@std@@YAXPBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
_Cnd_signal
_Cnd_init_in_situ
_Cnd_wait
_Thrd_id
_Thrd_join
_Cnd_destroy_in_situ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAJ@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_K@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@_JH@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE?AV?$fpos@U_Mbstatet@@@2@XZ
?_Init@locale@std@@CAPAV_Locimp@12@_N@Z
_Tolower
_Toupper
??1ctype_base@std@@UAE@XZ
??0ctype_base@std@@QAE@I@Z
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UAEXXZ
?_Getctype@_Locinfo@std@@QBE?AU_Ctypevec@@XZ
?_Xlength_error@std@@YAXPBD@Z
??0_Locinfo@std@@QAE@PBD@Z
_Mtx_current_owns
_Cnd_timedwait
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?cin@std@@3V?$basic_istream@DU?$char_traits@D@std@@@1@A
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
??1_Locinfo@std@@QAE@XZ

imm32

ImmGetContext
ImmReleaseContext
ImmSetCompositionWindow

d3dcompiler_47

D3DCompile

vcruntime140

__std_exception_destroy
__std_type_info_destroy_list
_CxxThrowException
_except_handler4_common
__current_exception_context
__current_exception
memchr
memmove
strrchr
memcpy
__CxxFrameHandler3
memset
strchr
_purecall
strstr
__std_terminate
__std_exception_copy

api-ms-win-crt-heap-l1-1-0

malloc
free
realloc
_callnewh
calloc

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_initialize_narrow_environment
exit
abort
system
_configure_narrow_argv
__sys_errlist
_execute_onexit_table
__sys_nerr
_seh_filter_dll
_crt_atexit
_beginthreadex
strerror
terminate
_errno
_cexit
_invalid_parameter_noinfo_noreturn
_initterm_e
_getpid
_register_onexit_function
_initterm

api-ms-win-crt-string-l1-1-0

isupper
strncat
isalnum
strncmp
strspn
strpbrk
strnlen
tolower
_strdup
strncpy
isspace
isalpha
strcspn

api-ms-win-crt-stdio-l1-1-0

fseek
__stdio_common_vsscanf
ftell
_lseeki64
fgets
_open
_get_stream_buffer_pointers
_fseeki64
fread
fsetpos
ungetc
_write
_close
setvbuf
fgetpos
fwrite
_wfopen
fopen
__stdio_common_vfprintf
fgetc
__stdio_common_vsprintf_s
freopen_s
fclose
fflush
__acrt_iob_func
fputc
feof
__stdio_common_vsprintf
_read

api-ms-win-crt-time-l1-1-0

_time64
strftime
_localtime64
_gmtime64

api-ms-win-crt-filesystem-l1-1-0

_stat64
_fstat64
_lock_file
_access
_unlink
_unlock_file

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-convert-l1-1-0

strtoll
strtoull
wcstombs
strtod
atoi
strtol
strtoul

api-ms-win-crt-math-l1-1-0

_libm_sse2_pow_precise
_CItanh
_dclass
_CIcosh
_libm_sse2_acos_precise
_libm_sse2_asin_precise
_libm_sse2_atan_precise
_CIfmod
_libm_sse2_sin_precise
_libm_sse2_sqrt_precise
_libm_sse2_cos_precise
_CIatan2
_libm_sse2_exp_precise
_libm_sse2_tan_precise
_libm_sse2_log10_precise
ceil
log2
ldexp
round
floor
_fdopen
_dsign
modf
frexp
_libm_sse2_log_precise
_CIsinh

api-ms-win-crt-locale-l1-1-0

localeconv
___lc_codepage_func

crypt32

CertCreateCertificateChainEngine
CertFreeCertificateChainEngine
CertGetNameStringA
CertFreeCertificateChain
CertFindExtension
CertAddCertificateContextToStore
CryptDecodeObjectEx
CertOpenStore
PFXImportCertStore
CryptStringToBinaryA
CertFreeCertificateContext
CryptQueryObject
CertFindCertificateInStore
CertEnumCertificatesInStore
CertCloseStore
CertGetCertificateChain

wldap32

ord41
ord143
ord217
ord46
ord211
ord60
ord45
ord50
ord30
ord22
ord26
ord27
ord32
ord33
ord35
ord301
ord200
ord79

normaliz

IdnToAscii

Sections

.text
Size: - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

A}"
Size: - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

tDe
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Wr]
Size: 4.7MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 233B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
JiMscript-Roblox-Executor-v1-main/finj.exe
.exe windows:6 windows x86

39ae286c462c7fa9fbe2711a25012bf0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Process32First
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

msvcp140

?_Winerror_map@std@@YAHH@Z

shlwapi

PathAddBackslashA

vcruntime140

__CxxFrameHandler3

api-ms-win-crt-runtime-l1-1-0

_initterm_e

api-ms-win-crt-heap-l1-1-0

free

api-ms-win-crt-stdio-l1-1-0

_set_fmode

api-ms-win-crt-locale-l1-1-0

___lc_codepage_func

api-ms-win-crt-math-l1-1-0

__setusermatherr

user32

CharUpperBuffW

Sections

.text
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.X:E
Size: - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.yQ$
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.( *
Size: 6.2MB - Virtual size: 6.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 469B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
JiMscript-Roblox-Executor-v1-main/kernel64.sys.dll
.dll windows:6 windows x86

f1b67953c8342ff500c2718d513f4cd3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualQuery
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

vcruntime140

memset
__std_type_info_destroy_list
_except_handler4_common

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_configure_narrow_argv
_seh_filter_dll
_cexit
_initterm
_initialize_narrow_environment
_initialize_onexit_table
_initterm_e

Exports

Exports

setup_the_bypass

Sections

.text
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.3if
Size: - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Il0
Size: 1024B - Virtual size: 524B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.!Z=
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 233B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 320KB - Virtual size: 320KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 17KB - Virtual size: 16KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 605KB - Virtual size: 604KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

7b18579f7ad1ee36f7523eac6825d158

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

dbghelp

kernel32

user32

advapi32

shell32

msvcp140

imm32

d3dcompiler_47

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

crypt32

wldap32

normaliz

Sections

.text Size: - Virtual size: 2.2MB

.rdata Size: - Virtual size: 147KB

.data Size: - Virtual size: 288KB

A}" Size: - Virtual size: 1.9MB

tDe Size: 7KB - Virtual size: 7KB

Wr] Size: 4.7MB - Virtual size: 4.7MB

.reloc Size: 1KB - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 233B

39ae286c462c7fa9fbe2711a25012bf0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcp140

shlwapi

.text
Size: 320KB - Virtual size: 320KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 17KB - Virtual size: 16KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 605KB - Virtual size: 604KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: - Virtual size: 2.2MB

.rdata
Size: - Virtual size: 147KB

.data
Size: - Virtual size: 288KB

A}"
Size: - Virtual size: 1.9MB

tDe
Size: 7KB - Virtual size: 7KB

Wr]
Size: 4.7MB - Virtual size: 4.7MB

.reloc
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 233B

.text
Size: - Virtual size: 20KB

.rdata
Size: - Virtual size: 6KB

.data
Size: - Virtual size: 1KB

.X:E
Size: - Virtual size: 3.4MB

.yQ$
Size: 1KB - Virtual size: 1KB

.( *
Size: 6.2MB - Virtual size: 6.2MB

.reloc
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 469B

.text
Size: - Virtual size: 4KB

.rdata
Size: - Virtual size: 2KB

.data
Size: - Virtual size: 920B

.3if
Size: - Virtual size: 1.7MB

.Il0
Size: 1024B - Virtual size: 524B

.!Z=
Size: 3.7MB - Virtual size: 3.7MB

.reloc
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 233B