0c9da8982ca843be2cb5d2b58c5b8256_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0c9da8982ca843be2cb5d2b58c5b8256_JaffaCakes118
Size

11.0MB
MD5

0c9da8982ca843be2cb5d2b58c5b8256
SHA1

1188431de73550a74a8d67aeaf9276ee81130831
SHA256

76a1b87c142f7946980f2edb14b2d4241713e3715011933cfaddfbee4a2eb40b
SHA512

ddcfcce7e1fa82e3a65087ab4f88c9de69e03fdfdc98584727d6d9c0912799beea9bc5a6b54118e8249c6324c43fc55aa6952ea549e62e8c82743071815b67fb
SSDEEP

196608:O8RvV9gGu/uEGMV+Zmg59wKY/1JjmxJS/WmIEFZn59wKY/1JjmxJ04ub4n9Es:OQ9uZuzKomcwKY/TjqKIEFZrwKY/Tjqf

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/gulman25d/от1 лица/classic/gulman_classic.exe
unpack001/gulman25d/от1 лица/modern/gulman_modern.exe
unpack001/gulman25d/от3 лица/gulman_modern3ps.exe

Files

0c9da8982ca843be2cb5d2b58c5b8256_JaffaCakes118
.rar
gulman25d/ПРОЧТИ МЕНЯ В НАЧАЛЕ!.txt
gulman25d/от1 лица/classic/game.pak
gulman25d/от1 лица/classic/gulman_classic.exe
.exe windows:4 windows x86 arch:x86

aaec5d0be993be85908938178959da25

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
log10
memcpy
fopen
fseek
fclose
_stricmp
strncpy
strlen
strcpy
sprintf
strcmp
strncmp
abs
sin
fabs
tan
cos
_filbuf
atan
pow
sqrt

kernel32

GetModuleHandleA
HeapCreate
GetTickCount
HeapDestroy
ExitProcess
GetModuleFileNameA
HeapFree
HeapAlloc
LoadLibraryA
GetProcAddress
FreeLibrary
Sleep
CreateThread
CloseHandle
GetCurrentThreadId
GetCurrentProcessId
InitializeCriticalSection
GetCommandLineA
CreateFileA
ReadFile
GetCurrentThread
GetThreadPriority
SetThreadPriority
QueryPerformanceFrequency
QueryPerformanceCounter
WriteFile
HeapReAlloc

comctl32

InitCommonControls
InitCommonControlsEx

user32

GetSystemMetrics
GetFocus
MessageBoxA
GetWindowThreadProcessId
IsWindowVisible
IsWindowEnabled
GetForegroundWindow
EnableWindow
EnumWindows
ClipCursor
ShowCursor
GetWindowRect
OffsetRect
SetCursorPos
SetMenu
DestroyMenu
GetPropA
GetMenu
CallWindowProcA
CreateMenu
SetWindowLongA
SetPropA
AppendMenuA
SetRect
GetClientRect
ClientToScreen
GetDC
ReleaseDC
ShowWindow
PeekMessageA
TranslateMessage
DispatchMessageA
SetWindowTextA
MoveWindow
FillRect
InvalidateRect
BeginPaint
EndPaint
DefWindowProcA
LoadIconA
RegisterClassExA
CreateWindowExA
SendMessageA
GetWindowTextLengthA
GetWindowTextA
GetWindowLongA
DestroyWindow
RemovePropA
GetParent
GetWindow
SetActiveWindow
UnregisterClassA
DestroyAcceleratorTable
LoadCursorA
RegisterClassA
AdjustWindowRect
GetActiveWindow
CreateAcceleratorTableA
MsgWaitForMultipleObjects
GetMessageA
TranslateAcceleratorA
LoadImageA
SetCursor
MapWindowPoints
SystemParametersInfoA
GetKeyState
SetCapture
PostMessageA
GetCursorPos
ReleaseCapture
EnumChildWindows
DefFrameProcA
SetFocus
IsChild
GetClassNameA

gdi32

GetDeviceCaps
GetStockObject
DeleteObject
CreateSolidBrush
CreatePen
SelectObject
DeleteDC
SetTextAlign
SetTextColor
SetPixelV
Rectangle
SetBkColor
SetROP2
SetBkMode

ole32

CoInitialize
RevokeDragDrop
CoCreateInstance

winmm

timeBeginPeriod
timeEndPeriod

Sections

.code
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 820B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 355KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
gulman25d/от1 лица/modern/game.pak
gulman25d/от1 лица/modern/gulman_modern.exe
.exe windows:4 windows x86 arch:x86

aaec5d0be993be85908938178959da25

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
log10
memcpy
fopen
fseek
fclose
_stricmp
strncpy
strlen
strcpy
sprintf
strcmp
strncmp
abs
sin
fabs
tan
cos
_filbuf
atan
pow
sqrt

kernel32

GetModuleHandleA
HeapCreate
GetTickCount
HeapDestroy
ExitProcess
GetModuleFileNameA
HeapFree
HeapAlloc
LoadLibraryA
GetProcAddress
FreeLibrary
Sleep
CreateThread
CloseHandle
GetCurrentThreadId
GetCurrentProcessId
InitializeCriticalSection
GetCommandLineA
CreateFileA
ReadFile
GetCurrentThread
GetThreadPriority
SetThreadPriority
QueryPerformanceFrequency
QueryPerformanceCounter
WriteFile
HeapReAlloc

comctl32

InitCommonControls
InitCommonControlsEx

user32

GetSystemMetrics
GetFocus
MessageBoxA
GetWindowThreadProcessId
IsWindowVisible
IsWindowEnabled
GetForegroundWindow
EnableWindow
EnumWindows
ClipCursor
ShowCursor
GetWindowRect
OffsetRect
SetCursorPos
SetMenu
DestroyMenu
GetPropA
GetMenu
CallWindowProcA
CreateMenu
SetWindowLongA
SetPropA
AppendMenuA
SetRect
GetClientRect
ClientToScreen
GetDC
ReleaseDC
ShowWindow
PeekMessageA
TranslateMessage
DispatchMessageA
SetWindowTextA
MoveWindow
FillRect
InvalidateRect
BeginPaint
EndPaint
DefWindowProcA
LoadIconA
RegisterClassExA
CreateWindowExA
SendMessageA
GetWindowTextLengthA
GetWindowTextA
GetWindowLongA
DestroyWindow
RemovePropA
GetParent
GetWindow
SetActiveWindow
UnregisterClassA
DestroyAcceleratorTable
LoadCursorA
RegisterClassA
AdjustWindowRect
GetActiveWindow
CreateAcceleratorTableA
MsgWaitForMultipleObjects
GetMessageA
TranslateAcceleratorA
LoadImageA
SetCursor
MapWindowPoints
SystemParametersInfoA
GetKeyState
SetCapture
PostMessageA
GetCursorPos
ReleaseCapture
EnumChildWindows
DefFrameProcA
SetFocus
IsChild
GetClassNameA

gdi32

GetDeviceCaps
GetStockObject
DeleteObject
CreateSolidBrush
CreatePen
SelectObject
DeleteDC
SetTextAlign
SetTextColor
SetPixelV
Rectangle
SetBkColor
SetROP2
SetBkMode

ole32

CoInitialize
RevokeDragDrop
CoCreateInstance

winmm

timeBeginPeriod
timeEndPeriod

Sections

.code
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 820B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 355KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
gulman25d/от3 лица/game.pak
gulman25d/от3 лица/gulman_modern3ps.exe
.exe windows:4 windows x86 arch:x86

aaec5d0be993be85908938178959da25

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
log10
memcpy
fopen
fseek
fclose
_stricmp
strncpy
strlen
strcpy
sprintf
strcmp
strncmp
abs
sin
fabs
tan
cos
_filbuf
atan
pow
sqrt

kernel32

GetModuleHandleA
HeapCreate
GetTickCount
HeapDestroy
ExitProcess
GetModuleFileNameA
HeapFree
HeapAlloc
LoadLibraryA
GetProcAddress
FreeLibrary
Sleep
CreateThread
CloseHandle
GetCurrentThreadId
GetCurrentProcessId
InitializeCriticalSection
GetCommandLineA
CreateFileA
ReadFile
GetCurrentThread
GetThreadPriority
SetThreadPriority
QueryPerformanceFrequency
QueryPerformanceCounter
WriteFile
HeapReAlloc

comctl32

InitCommonControls
InitCommonControlsEx

user32

GetSystemMetrics
GetFocus
MessageBoxA
GetWindowThreadProcessId
IsWindowVisible
IsWindowEnabled
GetForegroundWindow
EnableWindow
EnumWindows
ClipCursor
ShowCursor
GetWindowRect
OffsetRect
SetCursorPos
SetMenu
DestroyMenu
GetPropA
GetMenu
CallWindowProcA
CreateMenu
SetWindowLongA
SetPropA
AppendMenuA
SetRect
GetClientRect
ClientToScreen
GetDC
ReleaseDC
ShowWindow
PeekMessageA
TranslateMessage
DispatchMessageA
SetWindowTextA
MoveWindow
FillRect
InvalidateRect
BeginPaint
EndPaint
DefWindowProcA
LoadIconA
RegisterClassExA
CreateWindowExA
SendMessageA
GetWindowTextLengthA
GetWindowTextA
GetWindowLongA
DestroyWindow
RemovePropA
GetParent
GetWindow
SetActiveWindow
UnregisterClassA
DestroyAcceleratorTable
LoadCursorA
RegisterClassA
AdjustWindowRect
GetActiveWindow
CreateAcceleratorTableA
MsgWaitForMultipleObjects
GetMessageA
TranslateAcceleratorA
LoadImageA
SetCursor
MapWindowPoints
SystemParametersInfoA
GetKeyState
SetCapture
PostMessageA
GetCursorPos
ReleaseCapture
EnumChildWindows
DefFrameProcA
SetFocus
IsChild
GetClassNameA

gdi32

GetDeviceCaps
GetStockObject
DeleteObject
CreateSolidBrush
CreatePen
SelectObject
DeleteDC
SetTextAlign
SetTextColor
SetPixelV
Rectangle
SetBkColor
SetROP2
SetBkMode

ole32

CoInitialize
RevokeDragDrop
CoCreateInstance

winmm

timeBeginPeriod
timeEndPeriod

Sections

.code
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 820B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 355KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aaec5d0be993be85908938178959da25

Headers

File Characteristics

Imports

msvcrt

kernel32

comctl32

user32

gdi32

ole32

winmm

Sections

.code Size: 74KB - Virtual size: 74KB

.text Size: 67KB - Virtual size: 66KB

.rdata Size: 1024B - Virtual size: 820B

.data Size: 5KB - Virtual size: 355KB

.rsrc Size: 2KB - Virtual size: 1KB

aaec5d0be993be85908938178959da25

Headers

File Characteristics

Imports

msvcrt

kernel32

comctl32

user32

gdi32

ole32

winmm

Sections

.code Size: 74KB - Virtual size: 74KB

.text Size: 67KB - Virtual size: 66KB

.rdata Size: 1024B - Virtual size: 820B

.data Size: 5KB - Virtual size: 355KB

.rsrc Size: 2KB - Virtual size: 1KB

aaec5d0be993be85908938178959da25

Headers

File Characteristics

Imports

msvcrt

kernel32

comctl32

user32

gdi32

ole32

winmm

Sections

.code Size: 74KB - Virtual size: 74KB

.text Size: 67KB - Virtual size: 66KB

.rdata Size: 1024B - Virtual size: 820B

.data Size: 5KB - Virtual size: 355KB

.rsrc Size: 2KB - Virtual size: 1KB

.code
Size: 74KB - Virtual size: 74KB

.text
Size: 67KB - Virtual size: 66KB

.rdata
Size: 1024B - Virtual size: 820B

.data
Size: 5KB - Virtual size: 355KB

.rsrc
Size: 2KB - Virtual size: 1KB

.code
Size: 74KB - Virtual size: 74KB

.text
Size: 67KB - Virtual size: 66KB

.rdata
Size: 1024B - Virtual size: 820B

.data
Size: 5KB - Virtual size: 355KB

.rsrc
Size: 2KB - Virtual size: 1KB

.code
Size: 74KB - Virtual size: 74KB

.text
Size: 67KB - Virtual size: 66KB

.rdata
Size: 1024B - Virtual size: 820B

.data
Size: 5KB - Virtual size: 355KB

.rsrc
Size: 2KB - Virtual size: 1KB