API Src[.]rar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

API Src.rar
Size

163KB
MD5

6e5367f9f6b1821934e990a47ee503c5
SHA1

2288c3831ab3f0867f1085020f1816790711c246
SHA256

d9bd855d8bf39bac28f731ce4b6fee8cbf5beb055648c63412a3d5880c5b4f2f
SHA512

0e11d98dc25ce11f987c2ff9f7cdf123b4765508fcb8956c5be7a3872a7289afec691cbe0940d1c62f5732c43404e80d0f22bf485c05c775877985b12d2e8d7d
SSDEEP

3072:bgjxA/sEipxD9ej6RPObjUdcDp4vMFJtyCYBVySrQlggBaWEW:bgjsQxhXxUjUdF0WbySrQlggN

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/km/EvolveAPI/bin/Release/NiggaSploit.dll
unpack001/km/EvolveAPI/obj/Release/NiggaSploit.dll

Files

API Src.rar
.rar
km/.vs/EvolveAPI/FileContentIndex/7df7bb7f-0c48-4cb9-a8c7-9a9f66eb4936.vsidx
km/.vs/EvolveAPI/FileContentIndex/920e0268-d4f0-4fd2-99fa-0f00176b7b22.vsidx
km/.vs/EvolveAPI/FileContentIndex/9bf031bf-0741-4bba-824a-d8964bcb5b5b.vsidx
km/.vs/EvolveAPI/FileContentIndex/c0fa2f87-4f4d-4444-b08b-7958caf5249e.vsidx
km/.vs/EvolveAPI/FileContentIndex/e63b2003-7f58-47fd-8e28-bae60ea659dc.vsidx
km/.vs/NiggaSploit/FileContentIndex/2d5b42ad-5f25-46c8-9855-c042b4b80753.vsidx
km/.vs/NiggaSploit/FileContentIndex/74232d0e-88d2-4467-bd4d-94060169b6ce.vsidx
km/.vs/NiggaSploit/FileContentIndex/f947f02c-9bcd-46e9-a671-a82e6c996ac5.vsidx
km/.vs/NiggaSploit/v17/.suo
km/.vs/NiggaSploit/v17/DocumentLayout.json
km/EvolveAPI/.vs/EvolveAPI.csproj.dtbcache.json
km/EvolveAPI/.vs/NiggaSploit.csproj.dtbcache.json
km/EvolveAPI/Blackie/BitdancersDrug.cs
.js
km/EvolveAPI/Blackie/InjectionStatus.cs
km/EvolveAPI/Imports.cs
km/EvolveAPI/ManualMapApi/MapInject.cs
km/EvolveAPI/NiggaSploit.csproj
km/EvolveAPI/Properties/AssemblyInfo.cs
km/EvolveAPI/Properties/Settings.Designer.cs
km/EvolveAPI/Properties/Settings.settings
km/EvolveAPI/Util.cs
.js
km/EvolveAPI/app.config
km/EvolveAPI/bin/Release/NiggaSploit.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\White Cat\Downloads\km\EvolveAPI\obj\Release\NiggaSploit.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 141KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
km/EvolveAPI/bin/Release/NiggaSploit.dll.config
km/EvolveAPI/bin/Release/NiggaSploit.pdb
km/EvolveAPI/obj/Debug/.NETFramework,Version=v4.8.AssemblyAttributes.cs
km/EvolveAPI/obj/Debug/DesignTimeResolveAssemblyReferencesInput.cache
km/EvolveAPI/obj/Debug/EvolveAPI.csproj.AssemblyReference.cache
km/EvolveAPI/obj/Release/.NETFramework,Version=v4.8.AssemblyAttributes.cs
km/EvolveAPI/obj/Release/DesignTimeResolveAssemblyReferences.cache
km/EvolveAPI/obj/Release/DesignTimeResolveAssemblyReferencesInput.cache
km/EvolveAPI/obj/Release/EvolveAPI.csproj.AssemblyReference.cache
km/EvolveAPI/obj/Release/EvolveAPI.csproj.CoreCompileInputs.cache
km/EvolveAPI/obj/Release/EvolveAPI.csproj.FileListAbsolute.txt
km/EvolveAPI/obj/Release/NiggaSploit.csproj.AssemblyReference.cache
km/EvolveAPI/obj/Release/NiggaSploit.csproj.CoreCompileInputs.cache
km/EvolveAPI/obj/Release/NiggaSploit.csproj.FileListAbsolute.txt
km/EvolveAPI/obj/Release/NiggaSploit.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\White Cat\Downloads\km\EvolveAPI\obj\Release\NiggaSploit.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 141KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
km/EvolveAPI/obj/Release/NiggaSploit.pdb
km/NiggaSploit.sln

Sharing

General

Malware Config

Signatures

Files

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 141KB - Virtual size: 141KB

.rsrc Size: 1024B - Virtual size: 904B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 141KB - Virtual size: 141KB

.rsrc Size: 1024B - Virtual size: 904B

.reloc Size: 512B - Virtual size: 12B

.text
Size: 141KB - Virtual size: 141KB

.rsrc
Size: 1024B - Virtual size: 904B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 141KB - Virtual size: 141KB

.rsrc
Size: 1024B - Virtual size: 904B

.reloc
Size: 512B - Virtual size: 12B