163a2a5f3cd3e25859bf2b68ae342b8f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

163a2a5f3cd3e25859bf2b68ae342b8f_JaffaCakes118
Size

151KB
MD5

163a2a5f3cd3e25859bf2b68ae342b8f
SHA1

6a5ed3fc217470666737abdbf284f8f04314b3cb
SHA256

f3f3e99f50a897d720108da0b460382524fab3ed42e27a1e28f18d130b61aa60
SHA512

0fbb9c1e9ab5cffc5175ec6a822bc7856032a7807c52433a19647ac562346e18289e647755720e19be7e6140f59e87b0ee97cd8200e94e51d5dee2fa13051688
SSDEEP

3072:lxWuOtZgVfhO/PEubfVcbuQ8Nw/WVBEngpQDFPdJg7wPlAazYf:f4gFh2/t4gS/WwngpQpPgcPlxzYf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/tomb_raider_anniversary_plus1-abra.exe

Files

163a2a5f3cd3e25859bf2b68ae342b8f_JaffaCakes118
.rar
abra.nfo
tomb_raider_anniversary_plus1-abra.exe
.exe windows:4 windows x86 arch:x86

e8d1afc7a80a63d3b1411c2cc5e88246

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

sndPlaySoundA
timeSetEvent
timeKillEvent

msvfw32

DrawDibOpen
DrawDibClose
DrawDibDraw

avifil32

AVIStreamGetFrame
AVIStreamRelease
AVIStreamGetFrameClose
AVIStreamOpenFromFileA
AVIStreamGetFrameOpen
AVIFileInit
AVIFileExit
AVIStreamInfoA
AVIStreamSampleToTime
AVIStreamStart
AVIStreamLength

kernel32

SetErrorMode
FileTimeToSystemTime
FileTimeToLocalFileTime
HeapFree
HeapAlloc
HeapReAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetStartupInfoA
GetCommandLineA
ExitProcess
RtlUnwind
RaiseException
CreateThread
ExitThread
TerminateProcess
HeapSize
GetACP
GetEnvironmentVariableA
HeapDestroy
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetFileTime
GetFileSize
GetFileAttributesA
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
DeleteFileA
WinExec
lstrlenA
lstrcatA
lstrcpyA
CloseHandle
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
DuplicateHandle
lstrcmpA
GetCurrentThread
SuspendThread
ResumeThread
ReadProcessMemory
lstrcpynA
MulDiv
SetLastError
LocalFree
MultiByteToWideChar
InterlockedDecrement
InterlockedIncrement
FindResourceA
LoadResource
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetVersionExA
GetCurrentProcess
GetLastError
WideCharToMultiByte
GetModuleHandleA
SetEvent
GetProcAddress
FreeLibrary
LoadLibraryA
WaitForSingleObject
CreateEventA
GetTempPathA
GetTickCount
Sleep
GetModuleFileNameA
GetSystemDirectoryA
SetFileAttributesA
LockResource
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalReAlloc
GlobalFree
OpenProcess
WriteProcessMemory
HeapCreate

user32

IsWindowEnabled
GetNextDlgTabItem
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
BeginPaint
EndPaint
TabbedTextOutA
GrayStringA
CreateDialogIndirectParamA
GetActiveWindow
EndDialog
WindowFromPoint
LoadStringA
DestroyMenu
ValidateRect
TranslateMessage
GetMessageA
PostQuitMessage
CharUpperA
GetClassNameA
GetSysColorBrush
ShowWindow
MoveWindow
IsDialogMessageA
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
SetActiveWindow
SetFocus
AdjustWindowRectEx
ScreenToClient
GetTopWindow
GetCapture
WinHelpA
wsprintfA
RegisterClassA
GetMenu
GetWindowTextLengthA
GetDlgCtrlID
GetKeyState
DefWindowProcA
DestroyWindow
CreateWindowExA
CallNextHookEx
GetClassLongA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
GetWindowLongA
SystemParametersInfoA
GetWindowPlacement
CreateIconFromResourceEx
CreateIconFromResource
GetIconInfo
CreateIconIndirect
MessageBoxA
GetWindow
IsWindowVisible
GetWindowTextA
GetWindowThreadProcessId
FindWindowA
UnregisterClassA
GetClassInfoA
UnhookWindowsHookEx
SetWindowsHookExA
GetMenuItemCount
RemoveMenu
AppendMenuA
ReleaseDC
SetWindowRgn
GetDlgItem
SetWindowTextA
IsIconic
DrawIcon
SetScrollRange
EnableScrollBar
GetScrollPos
GetScrollRange
SetScrollPos
GetDC
LoadMenuA
GetCursorPos
SetForegroundWindow
TrackPopupMenu
PostMessageA
GetMenuItemID
LoadIconA
GetSubMenu
SetMenuDefaultItem
RegisterWindowMessageA
UpdateWindow
RemovePropA
SetPropA
SetWindowLongA
GetPropA
CallWindowProcA
GetFocus
GetAsyncKeyState
ScrollDC
DrawTextA
FillRect
InflateRect
CopyRect
DrawFocusRect
SetRect
SetCapture
ReleaseCapture
ClientToScreen
PtInRect
RedrawWindow
SetTimer
KillTimer
LoadCursorA
SetCursor
GetSystemMetrics
InvalidateRect
IsWindow
GetClientRect
GetWindowRect
GetParent
OffsetRect
GetSysColor
EnableWindow
SendMessageA
SetWindowPos
EnumWindows

gdi32

SetROP2
OffsetRgn
CreateRectRgn
CreateDIBitmap
RealizePalette
CreatePalette
GetClipBox
SetTextColor
SetBkColor
SaveDC
RestoreDC
SelectPalette
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
CreateBitmap
MoveToEx
LineTo
SetTextAlign
FrameRgn
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetPixel
GetStockObject
CreateFontIndirectA
GetDIBits
CreateFontA
GetTextExtentPoint32A
GetBkColor
CreatePen
CreateSolidBrush
CreateDIBSection
SelectObject
ExtCreateRegion
BitBlt
CombineRgn
DeleteObject
CreateCompatibleDC
DeleteDC
GetObjectA
CreateCompatibleBitmap

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegSetValueExA
RegCreateKeyExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegCloseKey

shell32

ShellExecuteA
Shell_NotifyIconA

comctl32

ord17

Sections

.rdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 157KB - Virtual size: 282KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
www.mogelgott.de.url

Sharing

General

Malware Config

Signatures

Files

e8d1afc7a80a63d3b1411c2cc5e88246

Headers

File Characteristics

Imports

winmm

msvfw32

avifil32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

Sections

.rdata Size: 31KB - Virtual size: 30KB

.data Size: 157KB - Virtual size: 282KB

.rsrc Size: 4KB - Virtual size: 3KB

.rdata
Size: 31KB - Virtual size: 30KB

.data
Size: 157KB - Virtual size: 282KB

.rsrc
Size: 4KB - Virtual size: 3KB