ac5ecd9d83765b7baec7b17fe4223b5b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ac5ecd9d83765b7baec7b17fe4223b5b_JaffaCakes118
Size

173KB
MD5

ac5ecd9d83765b7baec7b17fe4223b5b
SHA1

345cb6144e75306ea3b184cfc47a6256dbf5cd95
SHA256

9e0727e5eb7367b8d02bda9eb29ad32c67ee26fe44bbc7313054130c964a47d1
SHA512

d54dccaf04b526b362fe621a7f114bb6eb2991abfe5215b422145aeda7a2dcf98f8843e31c57d2d0f10ba2902b7743e26be92b2b0eb204dc62f3ccf1a465c827
SSDEEP

3072:rUuTyikrJmlRbzsXWfRZC0CT4UBZjMp+yBYxtrf83TF57vf5ivsxq9tnW:8/JExzaWvCy+DSYxtrfoz7vk/W

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/CSS_BHOP_V34/CSS BHOP V34/Banny Hop V34.exe
unpack001/CSS_BHOP_V34/CSS BHOP V34/rev0lt/bin/rev0lt.dll

Files

ac5ecd9d83765b7baec7b17fe4223b5b_JaffaCakes118
.rar
CSS_BHOP_V34/CSS BHOP V34/Banny Hop V34.exe
.exe windows:4 windows x86 arch:x86

e7075482c29e949390e49ccafcdce0e2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Users\Ex777\Desktop\Rev0lt\Rev0lt Loader\release\Rev0lt Loader.pdb

Imports

kernel32

Sleep
CloseHandle
CreateRemoteThread
GetProcAddress
CreateMutexA
VirtualAllocEx
GetLastError
OpenProcess
GlobalFree
GlobalAlloc
GlobalReAlloc
GlobalUnlock
GlobalLock
ReadFile
GetFileSize
CreateFileA
GetPrivateProfileStringA
lstrlenA
ExitProcess
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoA
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetTickCount
GetStdHandle
GetModuleFileNameA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
InitializeCriticalSection
RaiseException
HeapSize
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
MultiByteToWideChar
GetLocaleInfoA
VirtualAlloc
HeapReAlloc
SetFilePointer
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
CreateThread
GetModuleHandleA
FindFirstFileA
WriteProcessMemory
WriteFile
GetCurrentDirectoryA

user32

GetWindowLongA
SetWindowLongA
LoadCursorA
RegisterClassExA
GetClassInfoExA
TranslateMessage
DispatchMessageA
GetMessageA
CreateWindowExA
SetRect
GetClientRect
DrawTextA
GetWindowTextA
GetParent
SetWindowTextA
DefWindowProcA
EndPaint
PostQuitMessage
SetWindowPos
SetWindowRgn
InvalidateRect
UnregisterClassA
LoadIconA
UpdateWindow
SendMessageA
MessageBoxA
GetWindowThreadProcessId
FindWindowA
ShowWindow
PostMessageA
LoadImageA
BeginPaint

comctl32

InitCommonControlsEx
_TrackMouseEvent

gdi32

BitBlt
GetObjectA
ExtCreateRegion
CombineRgn
DeleteDC
DeleteObject
SelectObject
CreateDIBSection
CreateCompatibleDC
CreateCompatibleBitmap
GetCurrentObject
SetTextColor
CreateFontA
SetBkMode

ole32

CreateStreamOnHGlobal

oleaut32

OleLoadPicture

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
CSS_BHOP_V34/CSS BHOP V34/rev0lt/bin/rev0lt.dll
.dll windows:4 windows x86 arch:x86

60a6a61741598595851e0867d2c79dd2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Dokumente und Einstellungen\Dieter Detmers\Eigene Dateien\HL²\AldiSkill's Hack\AldiSkill's Hack v1\Bunny 1.2\HL2\Release\HL2.pdb

Imports

kernel32

GetProcAddress
GetModuleHandleA
VirtualProtect
Sleep
CreateThread
GetModuleFileNameA
VirtualQuery
HeapAlloc
GetProcessHeap
CloseHandle
GetLocaleInfoW
FlushFileBuffers
GetSystemInfo
VirtualAlloc
SetStdHandle
GetStringTypeW
GetStringTypeA
IsValidCodePage
IsValidLocale
RtlUnwind
GetCurrentThreadId
GetCommandLineA
GetVersionExA
TlsAlloc
SetLastError
GetLastError
TlsFree
TlsSetValue
TlsGetValue
ExitProcess
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
LeaveCriticalSection
EnterCriticalSection
GetACP
GetOEMCP
GetCPInfo
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
RaiseException
SetFilePointer
InitializeCriticalSection
InterlockedExchange
LoadLibraryA
LCMapStringA
MultiByteToWideChar
LCMapStringW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
ReadFile

tier0

Error
g_pMemAlloc
GetCPUInformation

vstdlib

Q_snprintf
KeyValuesSystem

Sections

.text
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CSS_BHOP_V34/CSS BHOP V34/rev0lt/skin/1Main.bmp
CSS_BHOP_V34/CSS BHOP V34/rev0lt/skin/Main.bmp
CSS_BHOP_V34/CSS BHOP V34/rev0lt/skin/Mask.bmp
CSS_BHOP_V34/CSS BHOP V34/rev0lt/skin/Thumbs.db
CSS_BHOP_V34/CSS BHOP V34/rev0lt/skin/skin.ini

Sharing

General

Malware Config

Signatures

Files

e7075482c29e949390e49ccafcdce0e2

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

comctl32

gdi32

ole32

oleaut32

Sections

.text Size: 60KB - Virtual size: 56KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 8KB - Virtual size: 11KB

.rsrc Size: 8KB - Virtual size: 8KB

60a6a61741598595851e0867d2c79dd2

Headers

File Characteristics

PDB Paths

Imports

kernel32

tier0

vstdlib

Sections

.text Size: 72KB - Virtual size: 69KB

.rdata Size: 32KB - Virtual size: 28KB

.data Size: 8KB - Virtual size: 54KB

.reloc Size: 16KB - Virtual size: 15KB

.text
Size: 60KB - Virtual size: 56KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 8KB - Virtual size: 8KB

.text
Size: 72KB - Virtual size: 69KB

.rdata
Size: 32KB - Virtual size: 28KB

.data
Size: 8KB - Virtual size: 54KB

.reloc
Size: 16KB - Virtual size: 15KB