42da845dcc986edb6119228320bd0b5f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

42da845dcc986edb6119228320bd0b5f_JaffaCakes118
Size

7.9MB
MD5

42da845dcc986edb6119228320bd0b5f
SHA1

ed04d31edabf9d1845ed70053f57fd566aa8e8ca
SHA256

fbcc265de294e4be709e4dc55ce1c802a8ac5f455122d378e47fb18c4c28526d
SHA512

2da56a41a168d59b272824fb7955711039f80c14a986dcd5620e55b63e1e07fa788f1df9dbf320f64bf4b9e07e896a30706b7d10a40ab191709f3add6d2fe8f7
SSDEEP

196608:eX73RKvYZGv3e4iMHDzq2loS2GXOrZLv5W4qDFRBo:iKvYYveRCD/O55orS

Score

3^/10

Malware Config

Signatures

Unsigned PE 8 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Proxo BETA V1.7/FastColoredTextBox.dll
unpack002/Proxo BETA V1.7/FlatUI.dll
unpack002/Proxo BETA V1.7/Proxo.exe
unpack002/Proxo BETA V1.7/System.Drawing.dll
unpack002/Proxo BETA V1.7/System.Windows.Forms.dll
unpack002/Proxo BETA V1.7/System.dll
unpack002/Proxo BETA V1.7/WeAreDevs_API.dll
unpack002/Proxo BETA V1.7/exploit-main.dll

Files

42da845dcc986edb6119228320bd0b5f_JaffaCakes118
.zip
Proxo_BETA_V1.7.rar
.rar
Proxo BETA V1.7/FastColoredTextBox.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\LLAMA\source\repos\VeilUI\FastColoredTextBox\obj\Debug\FastColoredTextBox.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 320KB - Virtual size: 320KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Proxo BETA V1.7/FlatUI.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Aero\Desktop\FlatUI-master\src\FlatUI\obj\Debug\FlatUI.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Proxo BETA V1.7/Proxo.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\dthom\Desktop\Proxo\obj\Debug\Emperor.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 6.7MB - Virtual size: 6.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Proxo BETA V1.7/System.Drawing.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

System.Drawing.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 547KB - Virtual size: 547KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Proxo BETA V1.7/System.Windows.Forms.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

System.Windows.Forms.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 4.9MB - Virtual size: 4.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Proxo BETA V1.7/System.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

System.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 232KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Proxo BETA V1.7/WeAreDevs_API.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\GitHub\Exploits\Exploit-API\src\WeAreDevs_API\obj\Release\WeAreDevs_API.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Proxo BETA V1.7/exploit-main.dll
.dll windows:6 windows x86 arch:x86

7b88525e5557d3e6e512687df07203bd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\GitHub\Exploits\Exploit-API\src\Release\exploit-main.pdb

Imports

d3dcompiler_47

D3DCompile

d3d11

D3D11CreateDeviceAndSwapChain

kernel32

QueryPerformanceCounter
GetModuleFileNameA
GetLastError
LoadLibraryA
GetProcAddress
FreeLibrary
FormatMessageA
ReadFile
VirtualProtect
GetConsoleScreenBufferInfo
CreateNamedPipeA
SetConsoleTextAttribute
VirtualFree
SetConsoleTitleA
GetCurrentProcess
GetStdHandle
VirtualAlloc
GetCurrentThreadId
GetCurrentDirectoryA
ExitThread
GetModuleHandleA
DisconnectNamedPipe
OpenProcess
MultiByteToWideChar
Sleep
CreateFileA
DisableThreadLibraryCalls
CloseHandle
FreeConsole
GetSystemInfo
CreateThread
AddVectoredExceptionHandler
ExitProcess
GetCurrentProcessId
GetConsoleWindow
IsBadReadPtr
AllocConsole
VirtualQuery
ConnectNamedPipe
InterlockedExchange
InterlockedCompareExchange
FlushInstructionCache
HeapCreate
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
OpenThread
GetThreadContext
SetThreadContext
SuspendThread
ResumeThread
GetModuleHandleW
CreateToolhelp32Snapshot
QueryPerformanceFrequency
Thread32Next
GetThreadTimes
SetEndOfFile
WriteConsoleW
HeapSize
CreateFileW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetFileAttributesExW
CreateProcessW
GetExitCodeProcess
WaitForSingleObject
GetTimeZoneInformation
GetFileSizeEx
GetConsoleCP
WriteFile
GlobalAlloc
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GlobalFree
GlobalUnlock
GlobalLock
Thread32First
GetTimeFormatW
GetDateFormatW
GetCurrentThread
GetFileType
ReadConsoleW
GetConsoleMode
SetFilePointerEx
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
RaiseException
WideCharToMultiByte
GetStartupInfoW
GetSystemTimeAsFileTime
InitializeSListHead
GetProcessHeap
FormatMessageW
SwitchToThread
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
EncodePointer
DecodePointer
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
RtlUnwind
InterlockedFlushSList
GetModuleFileNameW
LoadLibraryExW
GetModuleHandleExW

user32

CloseClipboard
OpenClipboard
SetClipboardData
EmptyClipboard
GetClipboardData
GetCursorPos
SetCursorPos
ReleaseCapture
GetWindowThreadProcessId
GetSystemMenu
GetWindowRect
SetWindowPos
DeleteMenu
CreatePopupMenu
ShowWindow
GetAsyncKeyState
SetWindowLongA
CallWindowProcA
GetWindowLongA
MessageBoxA
SetMenu
DefWindowProcA
CreateWindowExA
FindWindowW
SendMessageA
mouse_event
DrawMenuBar
AppendMenuA
CreateMenu
SendInput
GetKeyState
LoadCursorA
ScreenToClient
GetCapture
ClientToScreen
IsChild
GetForegroundWindow
SetCapture
SetCursor
GetClientRect

gdi32

GetStockObject
SetTextColor

shell32

ShellExecuteA

imm32

ImmGetContext
ImmReleaseContext
ImmSetCompositionWindow

wininet

InternetReadFile
InternetCloseHandle
InternetOpenUrlA
InternetOpenA

dbghelp

MiniDumpWriteDump

Sections

.text
Size: 577KB - Virtual size: 576KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 320KB - Virtual size: 320KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 54KB - Virtual size: 53KB

.rsrc Size: 1024B - Virtual size: 872B

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 6.7MB - Virtual size: 6.7MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 547KB - Virtual size: 547KB

.rsrc Size: 14KB - Virtual size: 13KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 4.9MB - Virtual size: 4.9MB

.rsrc Size: 83KB - Virtual size: 83KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 3.1MB - Virtual size: 3.1MB

.rsrc Size: 232KB - Virtual size: 232KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 11KB - Virtual size: 10KB

.text
Size: 320KB - Virtual size: 320KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 54KB - Virtual size: 53KB

.rsrc
Size: 1024B - Virtual size: 872B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 6.7MB - Virtual size: 6.7MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 547KB - Virtual size: 547KB

.rsrc
Size: 14KB - Virtual size: 13KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 4.9MB - Virtual size: 4.9MB

.rsrc
Size: 83KB - Virtual size: 83KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 3.1MB - Virtual size: 3.1MB

.rsrc
Size: 232KB - Virtual size: 232KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 11KB - Virtual size: 10KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 577KB - Virtual size: 576KB

.rdata
Size: 136KB - Virtual size: 135KB

.data
Size: 6KB - Virtual size: 11KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 26KB - Virtual size: 26KB