Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc
Overview
overview
7Static
static
3mod_sa.v4....up.exe
windows7-x64
7mod_sa.v4....up.exe
windows10-2004-x64
7$PLUGINSDI...em.dll
windows7-x64
3$PLUGINSDI...em.dll
windows10-2004-x64
3$PLUGINSDI...od.dll
windows7-x64
1$PLUGINSDI...od.dll
windows10-2004-x64
1$PLUGINSDI...rl.dll
windows7-x64
3$PLUGINSDI...rl.dll
windows10-2004-x64
3$PLUGINSDI...og.dll
windows7-x64
3$PLUGINSDI...og.dll
windows10-2004-x64
3$PLUGINSDI...up.exe
windows7-x64
7$PLUGINSDI...up.exe
windows10-2004-x64
7d3d9.dll
windows7-x64
1d3d9.dll
windows10-2004-x64
1Static task
static1
Behavioral task
behavioral1
Sample
mod_sa.v4.4.1.3.SA-MP.v0.3.7.R1.Setup.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
mod_sa.v4.4.1.3.SA-MP.v0.3.7.R1.Setup.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240221-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/bassmod.dll
Resource
win7-20240508-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/bassmod.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/brandingurl.dll
Resource
win7-20240221-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/brandingurl.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral9
Sample
$PLUGINSDIR/dumplog.dll
Resource
win7-20240508-en
Behavioral task
behavioral10
Sample
$PLUGINSDIR/dumplog.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral11
Sample
$PLUGINSDIR/dxwebsetup.exe
Resource
win7-20240221-en
Behavioral task
behavioral12
Sample
$PLUGINSDIR/dxwebsetup.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral13
Sample
d3d9.dll
Resource
win7-20240508-en
Behavioral task
behavioral14
Sample
d3d9.dll
Resource
win10v2004-20240611-en
Target
9f9dd326e63c80a4a44f3adb4d33ca68_JaffaCakes118
Size
689KB
MD5
9f9dd326e63c80a4a44f3adb4d33ca68
SHA1
6992f55f19ef1f4bf32bbd06adf09251c97ec29a
SHA256
bce4885c52f492c6a19a880c0c832a47732f0d3c23befe79420e80764f99f809
SHA512
c4e044accd4d8d7e0f5d41d1d0ef493a660d6c05afc157e0b93df4f5879cc6aae71efa44b81d4be554fd3bddb9c7e7e085f5c48f4deb305a6863095a4de3066f
SSDEEP
12288:HWSZOcSR5GrrkWTelQXpHnWR53ll9saU1bxcpoQAFrlrYecUE1cx:HWAOZFMnW7l0aUhQdzRa
Checks for missing Authenticode signature.
resource |
---|
unpack001/mod_sa.v4.4.1.3.SA-MP.v0.3.7.R1.Setup.exe |
unpack002/$PLUGINSDIR/System.dll |
unpack002/$PLUGINSDIR/bassmod.dll |
unpack002/$PLUGINSDIR/brandingurl.dll |
unpack002/$PLUGINSDIR/dumplog.dll |
unpack002/d3d9.dll |
resource | yara_rule |
---|---|
static1/unpack001/mod_sa.v4.4.1.3.SA-MP.v0.3.7.R1.Setup.exe | nsis_installer_1 |
static1/unpack001/mod_sa.v4.4.1.3.SA-MP.v0.3.7.R1.Setup.exe | nsis_installer_2 |
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
CopyFileA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
ReadFile
GetFileAttributesA
SetFileAttributesA
ExitProcess
SetEnvironmentVariableA
GetWindowsDirectoryA
GetTempPathA
GetCommandLineA
lstrlenA
GetVersion
GetCurrentProcess
GetFullPathNameA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
GetLastError
CreateDirectoryA
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
WriteFile
lstrcpyA
MoveFileExA
lstrcatA
GetSystemDirectoryA
GetProcAddress
CloseHandle
SetCurrentDirectoryA
MoveFileA
CompareFileTime
GetShortPathNameA
SearchPathA
lstrcmpiA
SetFileTime
lstrcmpA
ExpandEnvironmentStringsA
lstrcpynA
SetErrorMode
GlobalFree
FindFirstFileA
FindNextFileA
DeleteFileA
SetFilePointer
GetPrivateProfileStringA
FindClose
MultiByteToWideChar
FreeLibrary
MulDiv
WritePrivateProfileStringA
LoadLibraryExA
GetModuleHandleA
GetExitCodeProcess
WaitForSingleObject
GlobalAlloc
ScreenToClient
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
PostQuitMessage
GetWindowRect
EnableMenuItem
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
ReleaseDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndDialog
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
ExitWindowsEx
GetDC
CreateDialogParamA
SetTimer
GetDlgItem
SetWindowLongA
SetForegroundWindow
LoadImageA
IsWindow
SendMessageTimeoutA
FindWindowExA
OpenClipboard
TrackPopupMenu
AppendMenuA
EndPaint
DestroyWindow
wsprintfA
ShowWindow
SetWindowTextA
SelectObject
SetBkMode
CreateFontIndirectA
SetTextColor
DeleteObject
GetDeviceCaps
CreateBrushIndirect
SetBkColor
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
RegDeleteKeyA
SetFileSecurityA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegEnumValueA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegEnumKeyA
ImageList_Create
ImageList_AddMasked
ImageList_Destroy
ord17
OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
MultiByteToWideChar
GlobalFree
GlobalSize
lstrcpynA
lstrcpyA
GetProcAddress
VirtualFree
FreeLibrary
lstrlenA
LoadLibraryA
GetModuleHandleA
GlobalAlloc
WideCharToMultiByte
VirtualAlloc
VirtualProtect
GetLastError
wsprintfA
StringFromGUID2
CLSIDFromString
Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
BASSMOD_ErrorGetCode
BASSMOD_Free
BASSMOD_GetCPU
BASSMOD_GetDeviceDescription
BASSMOD_GetVersion
BASSMOD_GetVolume
BASSMOD_Init
BASSMOD_MusicDecode
BASSMOD_MusicFree
BASSMOD_MusicGetLength
BASSMOD_MusicGetName
BASSMOD_MusicGetPosition
BASSMOD_MusicGetVolume
BASSMOD_MusicIsActive
BASSMOD_MusicLoad
BASSMOD_MusicPause
BASSMOD_MusicPlay
BASSMOD_MusicPlayEx
BASSMOD_MusicRemoveSync
BASSMOD_MusicSetAmplify
BASSMOD_MusicSetPanSep
BASSMOD_MusicSetPosition
BASSMOD_MusicSetPositionScaler
BASSMOD_MusicSetSync
BASSMOD_MusicSetVolume
BASSMOD_MusicStop
BASSMOD_SetVolume
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
lstrcpyA
GlobalFree
GetWindowRect
SetCapture
InvalidateRect
SendMessageA
GetCapture
ClientToScreen
EnableWindow
LoadImageA
SetPropA
SetWindowLongA
GetWindowLongA
GetDlgItem
PtInRect
ReleaseCapture
SetCursor
GetPropA
CallWindowProcA
RedrawWindow
GetObjectA
SetTextColor
CreateFontIndirectA
ShellExecuteA
Set
Unload
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
GlobalFree
lstrcpyA
lstrcmpA
CloseHandle
WriteFile
lstrcatA
CreateFileA
GetDlgItem
FindWindowExA
SendMessageA
DumpLog
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageContentCommitment
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
FreeSid
AllocateAndInitializeSid
EqualSid
GetTokenInformation
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegQueryInfoKeyA
LocalFree
LocalAlloc
GetLastError
GetCurrentProcess
GetModuleFileNameA
lstrlenA
GetSystemDirectoryA
RemoveDirectoryA
FindClose
FindNextFileA
DeleteFileA
SetFileAttributesA
lstrcmpA
FindFirstFileA
lstrcatA
lstrcpyA
_lclose
_llseek
_lopen
WritePrivateProfileStringA
GetWindowsDirectoryA
CreateDirectoryA
GetFileAttributesA
ExpandEnvironmentStringsA
IsDBCSLeadByte
GetShortPathNameA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpiA
GetProcAddress
GlobalUnlock
GlobalLock
GlobalAlloc
FreeResource
CloseHandle
LoadResource
SizeofResource
FindResourceA
ReadFile
WriteFile
SetFilePointer
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetCurrentDirectoryA
GetTempFileNameA
ExitProcess
CreateFileA
LoadLibraryExA
lstrcpynA
GetVolumeInformationA
FormatMessageA
GetCurrentDirectoryA
GetVersionExA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetTempPathA
GetSystemInfo
CreateMutexA
SetEvent
CreateEventA
CreateThread
ResetEvent
TerminateThread
GetDriveTypeA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
LockResource
LoadLibraryA
GetDiskFreeSpaceA
MulDiv
EnumResourceLanguagesA
FreeLibrary
GlobalFree
GetDeviceCaps
ExitWindowsEx
wsprintfA
CharNextA
CharUpperA
CharPrevA
SetWindowLongA
GetWindowLongA
CallWindowProcA
DispatchMessageA
MsgWaitForMultipleObjects
PeekMessageA
SendMessageA
SetWindowPos
ReleaseDC
GetDC
GetWindowRect
SendDlgItemMessageA
GetDlgItem
SetForegroundWindow
SetWindowTextA
MessageBoxA
DialogBoxIndirectParamA
ShowWindow
EnableWindow
GetDlgItemTextA
EndDialog
GetDesktopWindow
MessageBeep
SetDlgItemTextA
LoadStringA
GetSystemMetrics
ord17
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
D3DXCreateTextureFromFileA
D3DXAssembleShader
D3DXCreateSprite
D3DXMatrixTransformation2D
D3DXMatrixInverse
GetCurrentProcess
GetModuleHandleA
GetSystemTimeAsFileTime
GetSystemInfo
GlobalAlloc
GlobalLock
GlobalUnlock
GetLastError
LoadLibraryA
FreeLibrary
DisableThreadLibraryCalls
SetUnhandledExceptionFilter
GetModuleFileNameA
GetSystemDirectoryA
VirtualQuery
LCMapStringW
OutputDebugStringW
LoadLibraryExW
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
FlushInstructionCache
GetProcAddress
OutputDebugStringA
Sleep
MultiByteToWideChar
VirtualProtect
GetTickCount
GetLocalTime
SetFilePointerEx
SetStdHandle
GetStringTypeW
WriteConsoleW
CreateFileW
HeapAlloc
InitializeCriticalSectionAndSpinCount
UnhandledExceptionFilter
HeapFree
SetEndOfFile
HeapReAlloc
RtlUnwind
EncodePointer
DecodePointer
RaiseException
GetCommandLineA
GetCurrentThreadId
GetProcessHeap
ExitProcess
GetModuleHandleExW
AreFileApisANSI
WideCharToMultiByte
GetStdHandle
WriteFile
GetModuleFileNameW
IsProcessorFeaturePresent
IsDebuggerPresent
SetLastError
EnterCriticalSection
LeaveCriticalSection
CloseHandle
ReadFile
GetConsoleMode
ReadConsoleW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetFileType
DeleteCriticalSection
GetStartupInfoW
HeapSize
FlushFileBuffers
GetConsoleCP
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
MessageBoxA
GetCursorPos
GetClientRect
GetAsyncKeyState
GetKeyState
SetWindowPos
GetSystemMetrics
MoveWindow
FillRect
SetWindowLongA
GetForegroundWindow
MapVirtualKeyA
CallWindowProcA
ScreenToClient
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
CreateDIBSection
SetTextAlign
SetTextColor
SetMapMode
SetBkMode
SelectObject
GetTextExtentPoint32A
GetDeviceCaps
DeleteObject
DeleteDC
CreateSolidBrush
CreateFontA
CreateCompatibleDC
ExtTextOutA
ShellExecuteA
Direct3DCreate9
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ