13449bcc203be5e0ee5eefafd8823ad2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

13449bcc203be5e0ee5eefafd8823ad2_JaffaCakes118
Size

1.5MB
MD5

13449bcc203be5e0ee5eefafd8823ad2
SHA1

f73516af685956d30d884bdc51f12b758d08b92b
SHA256

a251c5b4d65a218c7fcb22d8f79f3c4c59606d1e4d7880b22f38c818543b791c
SHA512

4035600d061a142ea4c2a6cbbe6bc28d59522b0854a0a2306fc75cd3be0252d3696d2c068449de2073e218d5d592a83cce0f8035873140147a7f54e627bb8dfe
SSDEEP

49152:QU57KFVZXPh68Xl52KrXChDKgpjcxGeMJrAS+XO:ponZXZRShDKgpjXrAG

Score

3^/10

Malware Config

Signatures

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Inferno 1.0 [1]/FastColoredTextBox.dll
unpack001/Inferno 1.0 [1]/FlatUI.dll
unpack001/Inferno 1.0 [1]/Inferno 1.0.exe
unpack001/Inferno 1.0 [1]/WeAreDevs_API.cpp.dll
unpack001/Inferno 1.0 [1]/WeAreDevs_API.dll

Files

13449bcc203be5e0ee5eefafd8823ad2_JaffaCakes118
.zip
Inferno 1.0 [1]/FastColoredTextBox.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Projects_CSharp\FastColoredTextBox\FastColoredTextBox\obj\Debug\FastColoredTextBox.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 329KB - Virtual size: 328KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Inferno 1.0 [1]/FlatUI.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Aero\Desktop\FlatUI-master\src\FlatUI\obj\Debug\FlatUI.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Inferno 1.0 [1]/Inferno 1.0.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\rrush\source\repos\Inferno 1.0\Inferno 1.0\obj\Debug\Inferno 1.0.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 471KB - Virtual size: 470KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 446KB - Virtual size: 446KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Inferno 1.0 [1]/WeAreDevs_API.cpp.dll
.dll windows:6 windows x86 arch:x86

4ef178fadf7e5f7f19069ecf5a9072a0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\OneDrive\Digital Developing\Visual Studio\ROBLOX\Current\Exploit API v2.3\Release\WeAreDevs_API.cpp.pdb

Imports

kernel32

GetModuleFileNameA
Process32First
WriteProcessMemory
WriteFile
TerminateProcess
lstrlenA
WaitForSingleObject
GetModuleHandleA
OpenProcess
CreateToolhelp32Snapshot
GetTempPathA
CreateFileA
Process32Next
CloseHandle
GetProcAddress
VirtualAllocEx
CreateRemoteThread
VirtualFreeEx
SetEndOfFile
WriteConsoleW
HeapSize
CreateFileW
ReadConsoleW
SetStdHandle
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetLastError
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetLastError
InitializeCriticalSectionAndSpinCount
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
EncodePointer
DecodePointer
MultiByteToWideChar
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
RtlUnwind
RaiseException
InterlockedFlushSList
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
GetStdHandle
GetFileType
HeapAlloc
HeapFree
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
DeleteFileW
ReadFile
SetFilePointerEx
HeapReAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP

user32

MessageBoxA
wsprintfA

wininet

InternetOpenUrlA
InternetReadFile
InternetOpenA
InternetCloseHandle

urlmon

URLDownloadToFileA

Exports

Exports

GetModuleParentPath
GetProcessIDByName
InjectDLLIntoProcessIdentifier
KillProcessID
LaunchExploit
SMTNP
SendCommand
SendLimitedLuaScript
SendLuaCScript

Sections

.text
Size: 143KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Inferno 1.0 [1]/WeAreDevs_API.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\Cloud\Digital Developing\Visual Studio\ROBLOX\Current\Exploit API v2.3\WeAreDevs_API\obj\Release\WeAreDevs_API.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Inferno 1.0 [1]/ed.txt

Sharing

General

Malware Config

Signatures

Files

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 329KB - Virtual size: 328KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 54KB - Virtual size: 53KB

.rsrc Size: 1024B - Virtual size: 872B

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 471KB - Virtual size: 470KB

.rsrc Size: 446KB - Virtual size: 446KB

.reloc Size: 512B - Virtual size: 12B

4ef178fadf7e5f7f19069ecf5a9072a0

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

wininet

urlmon

Exports

Exports

Sections

.text Size: 143KB - Virtual size: 143KB

.rdata Size: 60KB - Virtual size: 59KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 9KB - Virtual size: 8KB

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 10KB - Virtual size: 10KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 329KB - Virtual size: 328KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 54KB - Virtual size: 53KB

.rsrc
Size: 1024B - Virtual size: 872B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 471KB - Virtual size: 470KB

.rsrc
Size: 446KB - Virtual size: 446KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 143KB - Virtual size: 143KB

.rdata
Size: 60KB - Virtual size: 59KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 9KB - Virtual size: 8KB

.text
Size: 10KB - Virtual size: 10KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B