UpdatedIncognito-main (2)[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

UpdatedIncognito-main (2).zip
Size

1.0MB
MD5

0498eadfbfd89e09403458b8603f2fc9
SHA1

7ce3a4b09241dbd142389996b343882142639f8a
SHA256

9e9c304a4da7328fee6971f829d0c8a3031afae74427e55d679437f80cb1e6e8
SHA512

d6d4cf95b4fc61f9e44cafeadf371115e847fb37907839a9cb89489ab787aa24713e1b971535e112d896ad73e6d1316a9ce2db82b16c3fa8bcc9472b2975ff5b
SSDEEP

24576:CyweNvZLkarcb63X0coffqkgsDF9g60Gxi9Vu8yxdbBiMrj:LPjrce3X01RrENGxi9Vu8aj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/UpdatedIncognito-main/UpdatedIncognito-main/bin/API.dll

Files

UpdatedIncognito-main (2).zip
.zip
UpdatedIncognito-main/UpdatedIncognito-main/.gitattributes
UpdatedIncognito-main/UpdatedIncognito-main/BUILD.bat
.bat .vbs
UpdatedIncognito-main/UpdatedIncognito-main/COMPILE.bat
UpdatedIncognito-main/UpdatedIncognito-main/LICENSE.md
UpdatedIncognito-main/UpdatedIncognito-main/RUN.bat
UpdatedIncognito-main/UpdatedIncognito-main/bin/API.dll
.dll windows:6 windows x64 arch:x64

dfd11645eb4732c0409f51f0532c3683

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\llama\Downloads\compiler-src-main\compiler-src-main\x64\Release\incognito-luau.pdb

Imports

kernel32

QueryPerformanceFrequency
QueryPerformanceCounter
GetCurrentProcess
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSListHead

msvcp140

?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?good@ios_base@std@@QEBA_NXZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Xbad_function_call@std@@YAXXZ
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?_Xlength_error@std@@YAXPEBD@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Xout_of_range@std@@YAXPEBD@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?uncaught_exceptions@std@@YAHXZ
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
??Bid@locale@std@@QEAA_KXZ

vcruntime140_1

__CxxFrameHandler4

vcruntime140

memchr
__std_exception_destroy
memcmp
memcpy
memmove
__std_exception_copy
_purecall
__std_type_info_destroy_list
memset
_CxxThrowException
__current_exception_context
__current_exception
__C_specific_handler
strchr
__std_terminate

api-ms-win-crt-stdio-l1-1-0

fflush
ungetc
fsetpos
fwrite
__stdio_common_vfprintf
__acrt_iob_func
__stdio_common_vsprintf
_get_stream_buffer_pointers
fgetc
setvbuf
fgetpos
fclose
_fseeki64
fread
fputc

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_errno
_invalid_parameter_noinfo_noreturn
_initterm_e
_initterm
terminate
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_seh_filter_dll
_invalid_parameter_noinfo
_configure_narrow_argv

api-ms-win-crt-filesystem-l1-1-0

_lock_file
_unlock_file

api-ms-win-crt-string-l1-1-0

strnlen
islower
isdigit
ispunct
isalnum
isxdigit
isalpha
strncpy
isupper
isgraph
toupper
strpbrk
strncat
strcspn
isspace
strspn
tolower
iscntrl
strcpy_s
strcmp

api-ms-win-crt-heap-l1-1-0

free
_callnewh
malloc
_aligned_malloc

api-ms-win-crt-math-l1-1-0

asin
log2
acos
fmod
tan
log
atan2
cos
ldexp
frexp
tanh
pow
cosh
log10
modf
sin
atan
round
sqrt
floorf
sinh
_dsign
exp
floor
ceilf
ceil

api-ms-win-crt-convert-l1-1-0

strtoull
strtod
atoi
strtoul

api-ms-win-crt-time-l1-1-0

clock
_time64
strftime
_localtime64_s
_gmtime64_s
_difftime64

Exports

Exports

RBXCompile
RBXDecompress
RBXRawCompile
Setup

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 195KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
UpdatedIncognito-main/UpdatedIncognito-main/cert/__pycache__/certgg.cpython-311.pyc
UpdatedIncognito-main/UpdatedIncognito-main/cert/__pycache__/certgg.cpython-312.pyc
UpdatedIncognito-main/UpdatedIncognito-main/cert/__pycache__/init_script.cpython-311.pyc
UpdatedIncognito-main/UpdatedIncognito-main/cert/__pycache__/init_script.cpython-312.pyc
UpdatedIncognito-main/UpdatedIncognito-main/cert/bridge/__pycache__/bridge.cpython-311.pyc
UpdatedIncognito-main/UpdatedIncognito-main/cert/bridge/__pycache__/bridge.cpython-312.pyc
UpdatedIncognito-main/UpdatedIncognito-main/cert/bridge/__pycache__/bridge_callbacks.cpython-311.pyc
UpdatedIncognito-main/UpdatedIncognito-main/cert/bridge/__pycache__/bridge_callbacks.cpython-312.pyc
UpdatedIncognito-main/UpdatedIncognito-main/cert/bridge/bridge.py
UpdatedIncognito-main/UpdatedIncognito-main/cert/bridge/bridge_callbacks.py
UpdatedIncognito-main/UpdatedIncognito-main/cert/certgg.py
UpdatedIncognito-main/UpdatedIncognito-main/cert/init_script.py
UpdatedIncognito-main/UpdatedIncognito-main/cert/init_script/loader.lua
.js
UpdatedIncognito-main/UpdatedIncognito-main/cert/init_script/modules/bridge.luau
.js
UpdatedIncognito-main/UpdatedIncognito-main/cert/init_script/modules/env_builtins.luau
UpdatedIncognito-main/UpdatedIncognito-main/cert/init_script/modules/environment/bit.luau
UpdatedIncognito-main/UpdatedIncognito-main/cert/init_script/modules/environment/cache.luau
UpdatedIncognito-main/UpdatedIncognito-main/cert/init_script/modules/environment/closure.luau
UpdatedIncognito-main/UpdatedIncognito-main/cert/init_script/modules/environment/crypt.luau
.js
UpdatedIncognito-main/UpdatedIncognito-main/cert/init_script/modules/environment/debug.luau
.js
UpdatedIncognito-main/UpdatedIncognito-main/cert/init_script/modules/environment/drawing.luau
.js
UpdatedIncognito-main/UpdatedIncognito-main/cert/init_script/modules/environment/filesystem.luau
.js
UpdatedIncognito-main/UpdatedIncognito-main/cert/init_script/modules/environment/http.luau
.js
UpdatedIncognito-main/UpdatedIncognito-main/cert/init_script/modules/environment/input.luau
.js
UpdatedIncognito-main/UpdatedIncognito-main/cert/init_script/modules/environment/instances.luau
UpdatedIncognito-main/UpdatedIncognito-main/cert/init_script/modules/environment/misc.luau
.js
UpdatedIncognito-main/UpdatedIncognito-main/cert/init_script/modules/environment/rconsole.luau
UpdatedIncognito-main/UpdatedIncognito-main/cert/init_script/modules/environment/scripts.luau
UpdatedIncognito-main/UpdatedIncognito-main/cert/init_script/modules/environment/threadcontext.luau
UpdatedIncognito-main/UpdatedIncognito-main/cert/init_script/modules/environment/websocket.luau
UpdatedIncognito-main/UpdatedIncognito-main/cert/init_script/modules/init.luau
UpdatedIncognito-main/UpdatedIncognito-main/cert/init_script/modules/lib/aes.luau
.js
UpdatedIncognito-main/UpdatedIncognito-main/cert/init_script/modules/lib/base64.luau
UpdatedIncognito-main/UpdatedIncognito-main/cert/init_script/modules/lib/goodsignal.luau
.js
UpdatedIncognito-main/UpdatedIncognito-main/cert/init_script/modules/lib/hashlib.luau
.js
UpdatedIncognito-main/UpdatedIncognito-main/cert/init_script/modules/lib/lz4.luau
UpdatedIncognito-main/UpdatedIncognito-main/cert/init_script/modules/sandbox.luau
.js
UpdatedIncognito-main/UpdatedIncognito-main/cert/init_script/modules/utils.luau
.js
UpdatedIncognito-main/UpdatedIncognito-main/cert/mempy/CryptGuard.py
UpdatedIncognito-main/UpdatedIncognito-main/cert/mempy/__pycache__/CryptGuard.cpython-311.pyc
UpdatedIncognito-main/UpdatedIncognito-main/cert/mempy/__pycache__/CryptGuard.cpython-312.pyc
UpdatedIncognito-main/UpdatedIncognito-main/cert/mempy/__pycache__/api.cpython-311.pyc
UpdatedIncognito-main/UpdatedIncognito-main/cert/mempy/__pycache__/api.cpython-312.pyc
UpdatedIncognito-main/UpdatedIncognito-main/cert/mempy/api.py
UpdatedIncognito-main/UpdatedIncognito-main/cert/utils/__pycache__/base.cpython-311.pyc
UpdatedIncognito-main/UpdatedIncognito-main/cert/utils/__pycache__/base.cpython-312.pyc
UpdatedIncognito-main/UpdatedIncognito-main/cert/utils/__pycache__/bytecode.cpython-311.pyc
UpdatedIncognito-main/UpdatedIncognito-main/cert/utils/__pycache__/bytecode.cpython-312.pyc
UpdatedIncognito-main/UpdatedIncognito-main/cert/utils/__pycache__/classdescriptor.cpython-311.pyc
UpdatedIncognito-main/UpdatedIncognito-main/cert/utils/__pycache__/classdescriptor.cpython-312.pyc
UpdatedIncognito-main/UpdatedIncognito-main/cert/utils/__pycache__/instance.cpython-311.pyc
UpdatedIncognito-main/UpdatedIncognito-main/cert/utils/__pycache__/instance.cpython-312.pyc
UpdatedIncognito-main/UpdatedIncognito-main/cert/utils/__pycache__/logger.cpython-311.pyc
UpdatedIncognito-main/UpdatedIncognito-main/cert/utils/__pycache__/logger.cpython-312.pyc
UpdatedIncognito-main/UpdatedIncognito-main/cert/utils/__pycache__/utils.cpython-311.pyc
UpdatedIncognito-main/UpdatedIncognito-main/cert/utils/__pycache__/utils.cpython-312.pyc
UpdatedIncognito-main/UpdatedIncognito-main/cert/utils/base.py
UpdatedIncognito-main/UpdatedIncognito-main/cert/utils/bytecode.py
UpdatedIncognito-main/UpdatedIncognito-main/cert/utils/classdescriptor.py
UpdatedIncognito-main/UpdatedIncognito-main/cert/utils/instance.py
UpdatedIncognito-main/UpdatedIncognito-main/cert/utils/logger.py
UpdatedIncognito-main/UpdatedIncognito-main/cert/utils/utils.py
UpdatedIncognito-main/UpdatedIncognito-main/compiler.py
.py .js
UpdatedIncognito-main/UpdatedIncognito-main/main.py
UpdatedIncognito-main/UpdatedIncognito-main/workspace/.tests/appendfile.txt
UpdatedIncognito-main/UpdatedIncognito-main/workspace/.tests/getcustomasset.txt
UpdatedIncognito-main/UpdatedIncognito-main/workspace/.tests/isfile.txt
UpdatedIncognito-main/UpdatedIncognito-main/workspace/.tests/listfiles/test_1.txt
UpdatedIncognito-main/UpdatedIncognito-main/workspace/.tests/listfiles/test_2.txt
UpdatedIncognito-main/UpdatedIncognito-main/workspace/.tests/loadfile.txt
UpdatedIncognito-main/UpdatedIncognito-main/workspace/.tests/readfile.txt
UpdatedIncognito-main/UpdatedIncognito-main/workspace/.tests/writefile
UpdatedIncognito-main/UpdatedIncognito-main/workspace/.tests/writefile.txt
UpdatedIncognito-main/UpdatedIncognito-main/workspace/IY_FE.iy
UpdatedIncognito-main/UpdatedIncognito-main/workspace/f42f3746fb3eb60f837d3673581c14a5-cache.lua
.js

Sharing

General

Malware Config

Signatures

Files

dfd11645eb4732c0409f51f0532c3683

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

msvcp140

vcruntime140_1

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-time-l1-1-0

Exports

Exports

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 195KB - Virtual size: 195KB

.data Size: 12KB - Virtual size: 48KB

.pdata Size: 39KB - Virtual size: 38KB

.rsrc Size: 512B - Virtual size: 248B

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 195KB - Virtual size: 195KB

.data
Size: 12KB - Virtual size: 48KB

.pdata
Size: 39KB - Virtual size: 38KB

.rsrc
Size: 512B - Virtual size: 248B

.reloc
Size: 6KB - Virtual size: 5KB