C:\Users\Co\source\repos\EasyExploits\EasyExploits\obj\Release\EasyExploits.pdb
Static task
static1
1 signatures
General
-
Target
Voyage-main.zip
-
Size
8.0MB
-
MD5
f9cc70da16027807aba4d795ab2f2429
-
SHA1
802e8251a97b19f8b896e62966ba73868ecb8015
-
SHA256
ae0a95caca31b80dae3b8e4d0a816f13fd1941aa03eb44204b187fdc36f5b0ee
-
SHA512
c382af45b724d930286f7eb4d83e3c7e1597a8c3205ca506c7cdc9e144eddbb297f3032f40340e777685888bfcdaf1a96b57ca12caa5fa55c914be66ff976d34
-
SSDEEP
196608:u27vkxHIOT5J9AaekvlaaBIpGFTta9gg1Ua3/WrOyR4nn9WP6Z9OPj:u2yH3f95TtxBNztg1UDOyR4nn9I6Q
Score
3/10
Malware Config
Signatures
-
Unsigned PE 5 IoCs
Checks for missing Authenticode signature.
resource unpack001/Voyage-main/Voyage/EasyExploits.dll unpack001/Voyage-main/Voyage/EasyExploitsDLL.dll unpack001/Voyage-main/Voyage/FastColoredTextBox.dll unpack001/Voyage-main/Voyage/Voyage.exe unpack001/Voyage-main/Voyage/exploit-main.dll
Files
-
Voyage-main.zip.zip
-
Voyage-main/README.md
-
Voyage-main/Voyage/EasyExploits.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
Imports
mscoree
_CorDllMain
Sections
.text Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 920B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Voyage-main/Voyage/EasyExploitsDLL.dll.dll windows:6 windows x86 arch:x86
b5a0fef14d8740b93b4ec823f87a140e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
normaliz
IdnToAscii
ws2_32
ioctlsocket
wldap32
ord200
crypt32
CertCloseStore
advapi32
RegCreateKeyExA
kernel32
SleepEx
VirtualQuery
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress
user32
GetMessageA
GetProcessWindowStation
GetProcessWindowStation
GetUserObjectInformationW
gdi32
CreateFontA
shell32
ShellExecuteA
imm32
ImmSetCompositionWindow
d3dcompiler_47
D3DCompile
msvcp140
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
d3d11
D3D11CreateDeviceAndSwapChain
comctl32
InitCommonControlsEx
dbghelp
ImageNtHeader
vcruntime140
_setjmp3
api-ms-win-crt-stdio-l1-1-0
fgetpos
api-ms-win-crt-string-l1-1-0
strspn
api-ms-win-crt-utility-l1-1-0
rand
api-ms-win-crt-heap-l1-1-0
free
api-ms-win-crt-convert-l1-1-0
strtod
api-ms-win-crt-runtime-l1-1-0
_initterm
api-ms-win-crt-filesystem-l1-1-0
_lock_file
api-ms-win-crt-locale-l1-1-0
localeconv
api-ms-win-crt-math-l1-1-0
_CIcosh
api-ms-win-crt-environment-l1-1-0
getenv
api-ms-win-crt-time-l1-1-0
strftime
wtsapi32
WTSSendMessageW
Sections
.text Size: - Virtual size: 687KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: - Virtual size: 180KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
uwu0 Size: - Virtual size: 4.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
uwu1 Size: 7.2MB - Virtual size: 7.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 506B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
Voyage-main/Voyage/FastColoredTextBox.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
D:\Projects_CSharp\FastColoredTextBox\FastColoredTextBox\obj\Debug\FastColoredTextBox.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 322KB - Virtual size: 322KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Voyage-main/Voyage/Scripts/README.txt
-
Voyage-main/Voyage/Scripts/VERSION-CHECK.txt
-
Voyage-main/Voyage/Siticone.UI.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Code Sign
3a:93:0b:19:8f:29:72:9a:49:b0:8b:f3:6d:f8:17:aeCertificate
IssuerCN=Siticone Root CANot Before05/02/2020, 06:42Not After22/10/2030, 17:00SubjectCN=Siticone Technology03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66Certificate
IssuerCN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before22/10/2014, 00:00Not After22/10/2024, 00:00SubjectCN=DigiCert Timestamp Responder,O=DigiCert,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1bCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before10/11/2006, 00:00Not After10/11/2021, 00:00SubjectCN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
34:8f:92:bf:68:07:1b:a4:18:d3:f6:b4:4e:02:5a:2c:51:c0:51:c0Signer
Actual PE Digest34:8f:92:bf:68:07:1b:a4:18:d3:f6:b4:4e:02:5a:2c:51:c0:51:c0Digest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
C:\Users\Ilham-PC\Documents\Visual Studio 2015\Projects\Siticone.UI\Build\Release\Siticone.UI.WinForms\Siticone.UI.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
Voyage-main/Voyage/Voyage.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
C:\Users\Tasnim\source\repos\Voyage\Voyage\obj\Debug\Voyage.pdb
Imports
mscoree
_CorExeMain
Sections
.text Size: 68KB - Virtual size: 68KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Voyage-main/Voyage/exploit-main.dll.dll windows:6 windows x86 arch:x86
eafd63a90a931a9e607f6fd6efcaefd2
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
E:\GitHub\Exploits\Exploit-API\Release\exploit-main.pdb
Imports
d3dcompiler_47
D3DCompile
d3d11
D3D11CreateDeviceAndSwapChain
kernel32
LoadLibraryA
QueryPerformanceFrequency
GetProcAddress
QueryPerformanceCounter
GetModuleFileNameA
GetLastError
FreeLibrary
FormatMessageA
ReadFile
VirtualProtect
GetConsoleScreenBufferInfo
CreateNamedPipeA
SetConsoleTextAttribute
VirtualFree
SetConsoleTitleA
GetCurrentProcess
GetStdHandle
VirtualAlloc
GetCurrentThreadId
GetCurrentDirectoryA
ExitThread
GetModuleHandleA
DisconnectNamedPipe
OpenProcess
Sleep
CreateFileA
DisableThreadLibraryCalls
CloseHandle
FreeConsole
GetSystemInfo
CreateThread
AddVectoredExceptionHandler
ExitProcess
GetCurrentProcessId
GetConsoleWindow
IsBadReadPtr
AllocConsole
VirtualQuery
ConnectNamedPipe
InterlockedExchange
InterlockedCompareExchange
FlushInstructionCache
HeapCreate
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
OpenThread
GetThreadContext
SetThreadContext
SuspendThread
ResumeThread
GetModuleHandleW
GlobalUnlock
Thread32First
Thread32Next
HeapSize
CreateFileW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetFileAttributesExW
CreateProcessW
GetExitCodeProcess
WaitForSingleObject
GetTimeZoneInformation
GetFileSizeEx
GetConsoleCP
WriteFile
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetFileType
ReadConsoleW
GetConsoleMode
SetFilePointerEx
GetModuleHandleExW
LoadLibraryExW
GetModuleFileNameW
InterlockedFlushSList
RtlUnwind
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
WideCharToMultiByte
GlobalLock
GlobalFree
GlobalAlloc
SetLastError
MultiByteToWideChar
WriteConsoleW
SetEndOfFile
CreateToolhelp32Snapshot
DecodePointer
EncodePointer
GetProcessHeap
InitializeSListHead
GetSystemTimeAsFileTime
GetStartupInfoW
RaiseException
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
user32
EmptyClipboard
SetClipboardData
OpenClipboard
GetCursorPos
SetCursorPos
CloseClipboard
GetClipboardData
mouse_event
ReleaseCapture
GetWindowThreadProcessId
GetSystemMenu
GetWindowRect
SetWindowPos
DeleteMenu
ShowWindow
GetAsyncKeyState
CallWindowProcA
GetWindowLongA
MessageBoxA
FindWindowW
SetWindowLongA
SendInput
GetKeyState
LoadCursorA
ScreenToClient
GetCapture
ClientToScreen
IsChild
GetForegroundWindow
SetCapture
SetCursor
GetClientRect
shell32
ShellExecuteA
imm32
ImmGetContext
ImmSetCompositionWindow
ImmReleaseContext
xinput1_4
ord2
ord4
wininet
InternetReadFile
InternetCloseHandle
InternetOpenA
InternetOpenUrlA
dbghelp
MiniDumpWriteDump
Sections
.text Size: 609KB - Virtual size: 609KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 134KB - Virtual size: 134KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ