Static task
static1
Behavioral task
behavioral1
Sample
1372243131_assassins-creed-3-treyner-20-v1.06-lingon/Assassin's Creed 3 трейнер +20 v1.06 {Li.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
1372243131_assassins-creed-3-treyner-20-v1.06-lingon/Assassin's Creed 3 трейнер +20 v1.06 {Li.exe
Resource
win10v2004-20240412-en
General
-
Target
f8090fa56672291dc001b34f44395fd5_JaffaCakes118
-
Size
2.1MB
-
MD5
f8090fa56672291dc001b34f44395fd5
-
SHA1
62c9d67d6815b87f5b6e15524d6d002ea54f0cae
-
SHA256
7ea2f7ac535d57efd67edab66cdfbe45075a910937d2b579c1db076a20e6bf7f
-
SHA512
b60948975b3a8b41ba919a76b636c8f5782c55be284327a969a19a57ac465bc7b22bde806cf4f83b493826ba0f13b55577165e833f51e81bdefa5df11d448fe0
-
SSDEEP
49152:qrBJ9ORLT/roshak/cTZpvHWxNu/Y/uWQWhpv7XQlWax6tAPF2uF:qrBJ+/BIAcNp2xNug/uWQWhZXLRkF
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/1372243131_assassins-creed-3-treyner-20-v1.06-lingon/Assassin's Creed 3 трейнер +20 v1.06 {LinGon}/AC_III+20Tr-LNG_v1.06/AC_III+20Tr-LNG_UD1.06.exe
Files
-
f8090fa56672291dc001b34f44395fd5_JaffaCakes118.rar
-
1372243131_assassins-creed-3-treyner-20-v1.06-lingon/Assassin's Creed 3 трейнер +20 v1.06 {LinGon}/AC_III+20Tr-LNG_v1.06/AC_III+20Tr-LNG_UD1.06.exe.exe windows:4 windows x86 arch:x86
e32e3f0d8ce2f57e9cc452a0a8d93807
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
ord716
kernel32
HeapAlloc
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess
winmm
waveOutClose
user32
MessageBoxA
Exports
Sections
.text Size: - Virtual size: 3.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 21KB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.VCrypt0 Size: - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
.tls Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.VCrypt1 Size: 2.1MB - Virtual size: 2.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
1372243131_assassins-creed-3-treyner-20-v1.06-lingon/Assassin's Creed 3 трейнер +20 v1.06 {LinGon}/AC_III+20Tr-LNG_v1.06/AC_III+20Tr-LNG_v1.06 - I.N.F.O.txt
-
1372243131_assassins-creed-3-treyner-20-v1.06-lingon/Assassin's Creed 3 трейнер +20 v1.06 {LinGon}/AC_III+20Tr-LNG_v1.06/VERY IMPORTANT!.txt