dc96c941d6d1e5d0a03c385c010a068a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dc96c941d6d1e5d0a03c385c010a068a_JaffaCakes118
Size

1.1MB
MD5

dc96c941d6d1e5d0a03c385c010a068a
SHA1

3b630356a7a6a2ef68b43f038aa654a2df6f2926
SHA256

95d8bc45c86c17af5cb5df8ea4931dc51efb30aff7268f758102a4c9091fa3cc
SHA512

0c5faf4988da35db5225b49523eacdfd5a6ceb8d75eb36d53aaf441cfa08af0f73960a48c4341da0d0399a5c56f7dc4fbd363b4c650ad78bae46131a63858171
SSDEEP

24576:EvNYD0euu9eN5IlitrgsrzHwxzvZ73gdSj+IOZjopowIGaONqO:zD9eNGli9HrrkvlgdSPAQAO

Score

3^/10

Malware Config

Signatures

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Pain Exist v2.9/FastColoredTextBox.dll
unpack001/Pain Exist v2.9/FlatUI.dll
unpack001/Pain Exist v2.9/Pain Exist V2.9 by Filter.exe
unpack001/Pain Exist v2.9/WeAreDevs_API.dll
unpack001/Pain Exist v2.9/exploit-main.dll

Files

dc96c941d6d1e5d0a03c385c010a068a_JaffaCakes118
.zip
Pain Exist v2.9/FastColoredTextBox.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\LLAMA\source\repos\VeilUI\FastColoredTextBox\obj\Debug\FastColoredTextBox.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 320KB - Virtual size: 320KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Pain Exist v2.9/FlatUI.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\danie\Desktop\FlatUI-master\src\FlatUI\obj\Debug\FlatUI.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Pain Exist v2.9/Pain Exist V2.9 by Filter.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 482KB - Virtual size: 481KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Pain Exist v2.9/WeAreDevs_API.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

F:\OneDrive\Digital Developing\Visual Studio\ROBLOX\Current\Exploit API v2\WeAreDevs_API\obj\Release\WeAreDevs_API.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Pain Exist v2.9/exploit-main.dll
.dll windows:6 windows x86 arch:x86

5f979fa9acb7deb3a36bc17ceed528cd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\jonat\OneDrive\Digital Developing\Visual Studio\ROBLOX\Current\Exploit API v2.2\Release\exploit-main.pdb

Imports

kernel32

GetModuleFileNameA
GetLastError
LoadLibraryA
GetProcAddress
FreeLibrary
FormatMessageA
ReadFile
WriteProcessMemory
VirtualProtect
CreateNamedPipeA
VirtualFree
SetConsoleTitleA
GetCurrentProcess
VirtualAlloc
ExitThread
GetModuleHandleA
DisconnectNamedPipe
Sleep
DisableThreadLibraryCalls
FreeConsole
GetSystemInfo
CreateThread
AddVectoredExceptionHandler
GetConsoleWindow
AllocConsole
VirtualQuery
ConnectNamedPipe
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
CloseHandle
IsProcessorFeaturePresent
TerminateProcess
InitializeSListHead
SetUnhandledExceptionFilter
UnhandledExceptionFilter

user32

SetWindowPos
ShowWindow
GetAsyncKeyState
MessageBoxA

shell32

ShellExecuteA

msvcp140

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?uncaught_exception@std@@YA_NXZ
?_Xinvalid_argument@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z

vcruntime140

__CxxFrameHandler3
strstr
__std_exception_destroy
__std_terminate
longjmp
strrchr
memset
__std_exception_copy
_CxxThrowException
strchr
_except_handler4_common
__std_type_info_destroy_list
_setjmp3
memmove
memcpy
memchr

api-ms-win-crt-stdio-l1-1-0

fseek
clearerr
ftell
_pclose
freopen
tmpfile
fgets
ferror
fwrite
fopen
__acrt_iob_func
fclose
tmpnam
fputs
getc
__stdio_common_vfprintf
fflush
ungetc
setvbuf
__stdio_common_vfscanf
__stdio_common_vsprintf
_popen
fread
feof

api-ms-win-crt-heap-l1-1-0

free
malloc
_callnewh
realloc

api-ms-win-crt-runtime-l1-1-0

system
strerror
exit
_invalid_parameter_noinfo_noreturn
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
_initterm
_errno

api-ms-win-crt-convert-l1-1-0

strtoul
strtod
strtol

api-ms-win-crt-string-l1-1-0

iscntrl
isalnum
isalpha
strncpy
strncat
isdigit
strpbrk
toupper
isupper
tolower
strcspn
isxdigit
ispunct
islower
_strdup
isspace
strtok
strcoll

api-ms-win-crt-locale-l1-1-0

setlocale
localeconv

api-ms-win-crt-math-l1-1-0

_libm_sse2_atan_precise
modf
_libm_sse2_log_precise
_libm_sse2_exp_precise
_libm_sse2_pow_precise
_except1
_libm_sse2_cos_precise
_libm_sse2_sin_precise
_libm_sse2_sqrt_precise
_libm_sse2_tan_precise
ceil
ldexp
floor
_libm_sse2_acos_precise
_CItanh
_CIsinh
_libm_sse2_asin_precise
_CIfmod
frexp
_CIcosh
_libm_sse2_log10_precise
_CIatan2

api-ms-win-crt-utility-l1-1-0

rand
srand

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-time-l1-1-0

_time64
clock
_mktime64
strftime
_gmtime64
_difftime64
_localtime64

api-ms-win-crt-filesystem-l1-1-0

remove
rename

Sections

.text
Size: 202KB - Virtual size: 201KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 320KB - Virtual size: 320KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 53KB - Virtual size: 52KB

.rsrc Size: 1024B - Virtual size: 872B

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

File Characteristics

Imports

mscoree

Sections

.text Size: 482KB - Virtual size: 481KB

.rsrc Size: 49KB - Virtual size: 49KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 10KB - Virtual size: 10KB

.rsrc Size: 1024B - Virtual size: 920B

.reloc Size: 512B - Virtual size: 12B

5f979fa9acb7deb3a36bc17ceed528cd

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

shell32

msvcp140

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

Sections

.text Size: 202KB - Virtual size: 201KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 14KB - Virtual size: 13KB

.text
Size: 320KB - Virtual size: 320KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 53KB - Virtual size: 52KB

.rsrc
Size: 1024B - Virtual size: 872B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 482KB - Virtual size: 481KB

.rsrc
Size: 49KB - Virtual size: 49KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 10KB - Virtual size: 10KB

.rsrc
Size: 1024B - Virtual size: 920B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 202KB - Virtual size: 201KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 14KB - Virtual size: 13KB