8291f5b41015d5649929f0c6e2313062_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8291f5b41015d5649929f0c6e2313062_JaffaCakes118
Size

83KB
MD5

8291f5b41015d5649929f0c6e2313062
SHA1

8c16a72c9fddb13c921444a8d55e725a5c970e6c
SHA256

65ab65a3a616e7432d604c00c3ce8e8d49ff0799ba1fe75efa853dae0001f984
SHA512

22a0500b5c9aad56345112c2f3d4f09fb12a4663c3732a9ffc66fecd97b977f06dd528d239ee728a5dcc8f422739f1cf8c2d45c747981eeac2e1554e051576c4
SSDEEP

1536:7lwczkZ1uEPpxIsEIo7QJJJO+bgV5NQv6OHpUd3KfAbpnc2/jV7Uuvg9ucozRS0:3OuEP77oMJmsC5NJOg3qyncmUuwudzL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/steam_api.dll

Files

8291f5b41015d5649929f0c6e2313062_JaffaCakes118
.rar
3DMGAME 中国第一单机游戏门户全球最大汉化游戏论坛.url
steam_api.dll
.dll windows:5 windows x86 arch:x86

c228f2f0c46aa4864876930a0ff59a7f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameW
LocalAlloc
TlsAlloc
LocalFree
TlsFree
GetPrivateProfileStructW
WritePrivateProfileStructW
GetLastError
CreateDirectoryW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetCurrentDirectoryW
DeleteFileW
GetCurrentProcess
GetModuleHandleW
GetProcAddress
GetFileAttributesW
GetModuleHandleA
WriteFile
GetCurrentProcessId
GetFileSize
FindFirstFileW
SetFilePointer
GetTickCount
ReadFile
CreateFileW
FindClose
FindNextFileW
GetFileTime
CloseHandle
DeleteFileA
WriteConsoleW
SetStdHandle
TlsSetValue
TlsGetValue
GetStringTypeW
EncodePointer
DecodePointer
MultiByteToWideChar
GetSystemTimeAsFileTime
WideCharToMultiByte
GetCommandLineA
GetCurrentThreadId
RaiseException
RtlUnwind
IsProcessorFeaturePresent
IsDebuggerPresent
InterlockedDecrement
ExitProcess
GetModuleHandleExW
HeapSize
Sleep
GetStdHandle
HeapFree
HeapAlloc
InterlockedIncrement
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
SetLastError
GetProcessHeap
GetFileType
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
EnterCriticalSection
LeaveCriticalSection
GetConsoleCP
GetConsoleMode
SetFilePointerEx
LoadLibraryExW
HeapReAlloc
OutputDebugStringW
LoadLibraryW
LCMapStringW
FlushFileBuffers

user32

MessageBoxA

advapi32

GetUserNameW
GetUserNameA

shell32

SHGetSpecialFolderPathW

Exports

Exports

GetHSteamPipe
GetHSteamUser
SteamAPI_GetHSteamPipe
SteamAPI_GetHSteamUser
SteamAPI_GetSteamInstallPath
SteamAPI_Init
SteamAPI_InitSafe
SteamAPI_IsSteamRunning
SteamAPI_RegisterCallResult
SteamAPI_RegisterCallback
SteamAPI_RestartApp
SteamAPI_RestartAppIfNecessary
SteamAPI_RunCallbacks
SteamAPI_SetBreakpadAppID
SteamAPI_SetMiniDumpComment
SteamAPI_SetTryCatchCallbacks
SteamAPI_Shutdown
SteamAPI_UnregisterCallResult
SteamAPI_UnregisterCallback
SteamAPI_UseBreakpadCrashHandler
SteamAPI_WriteMiniDump
SteamApps
SteamClient
SteamContentServer
SteamContentServerUtils
SteamContentServer_Init
SteamContentServer_RunCallbacks
SteamContentServer_Shutdown
SteamFriends
SteamGameServer
SteamGameServerApps
SteamGameServerNetworking
SteamGameServerStats
SteamGameServerUtils
SteamGameServer_BSecure
SteamGameServer_GetHSteamPipe
SteamGameServer_GetHSteamUser
SteamGameServer_GetIPCCallCount
SteamGameServer_GetSteamID
SteamGameServer_Init
SteamGameServer_InitSafe
SteamGameServer_RunCallbacks
SteamGameServer_Shutdown
SteamHTTP
SteamMasterServerUpdater
SteamMatchmaking
SteamMatchmakingServers
SteamNetworking
SteamRemoteStorage
SteamScreenshots
SteamUser
SteamUserStats
SteamUtils
Steam_GetHSteamUserCurrent
Steam_RegisterInterfaceFuncs
Steam_RunCallbacks
g_pSteamClientGameServer

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rld0
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rld1
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
steam_rld.ini
说明.txt

Sharing

General

Malware Config

Signatures

Files

c228f2f0c46aa4864876930a0ff59a7f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 87KB

.rdata Size: 32KB - Virtual size: 32KB

.data Size: 5KB - Virtual size: 14KB

.rld0 Size: 20KB - Virtual size: 20KB

.rld1 Size: 20KB - Virtual size: 19KB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 88KB - Virtual size: 87KB

.rdata
Size: 32KB - Virtual size: 32KB

.data
Size: 5KB - Virtual size: 14KB

.rld0
Size: 20KB - Virtual size: 20KB

.rld1
Size: 20KB - Virtual size: 19KB

.reloc
Size: 7KB - Virtual size: 6KB