aebddc9a23858858f6370a0d0f1e1433_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

aebddc9a23858858f6370a0d0f1e1433_JaffaCakes118
Size

404KB
MD5

aebddc9a23858858f6370a0d0f1e1433
SHA1

0cf7c19ff66bd1cbb675e89c5616017b0b1a8068
SHA256

ce534ef0be7b7b1add1b9e51ea4fd6624122810620856b2fd713055691ae8bf3
SHA512

ed1623128d19cfad8c54003e9028b0c939d43b5413c7e87c2b7ee549ebc1e3ab002f75133d085aca8eb7ed0f11888f75a27324a6914017c028c292f00bb547de
SSDEEP

12288:SxUhrjHaRedbC2TtboKyWWd9Xp+lAvS199akq:zhaYdbC4tJ7Wd95+lAa1ykq

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/GameControl/GameControl/GameControl.exe
unpack001/GameControl/GameControl/游戏双开助手2.02 注册机.exe

Files

aebddc9a23858858f6370a0d0f1e1433_JaffaCakes118
.rar
GameControl/GameControl/GameControl.exe
.exe windows:4 windows x86 arch:x86

82a46165ba1cb9046e3812d5f64c98d8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord3640
ord1146
ord1168
ord860
ord567
ord2370
ord5953
ord1768
ord4224
ord6197
ord3092
ord3996
ord6215
ord858
ord535
ord2379
ord755
ord470
ord5572
ord2915
ord2614
ord6907
ord3998
ord3301
ord6283
ord6282
ord6403
ord6334
ord4278
ord3522
ord1175
ord6880
ord3402
ord3721
ord3692
ord3571
ord802
ord795
ord542
ord3663
ord3626
ord2414
ord4275
ord1085
ord5601
ord640
ord5785
ord1641
ord1640
ord323
ord613
ord289
ord6172
ord5791
ord5873
ord2754
ord3706
ord324
ord5875
ord5789
ord4129
ord6453
ord823
ord809
ord556
ord1088
ord2122
ord2860
ord6199
ord3874
ord3797
ord6358
ord2859
ord2864
ord6605
ord941
ord3370
ord926
ord2575
ord4396
ord3574
ord3573
ord3693
ord609
ord4284
ord4133
ord5788
ord4297
ord2971
ord5759
ord6192
ord5756
ord6186
ord4330
ord6189
ord6021
ord5794
ord5678
ord5736
ord5579
ord5571
ord6061
ord5864
ord3596
ord5787
ord6194
ord641
ord3597
ord4425
ord4627
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5277
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5280
ord4353
ord6374
ord5163
ord2385
ord5241
ord5290
ord4402
ord1776
ord6055
ord2582
ord537
ord540
ord2818
ord5683
ord5943
ord800
ord693
ord815
ord561
ord3738
ord4424
ord4622
ord5714
ord5289
ord5307
ord4698
ord4079
ord2725
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord4673
ord4710
ord4234
ord2302
ord1200
ord825
ord4407
ord1775
ord4078
ord6052
ord2514
ord4998
ord4853
ord4376
ord3619
ord5265
ord1576

msvcrt

_setmbcp
__CxxFrameHandler
_strdup
free
sprintf
_strnicmp
strstr
_mbscmp
strchr
_ftol
_mbsstr
_beginthreadex
printf
isalnum
strncpy
__dllonexit
_onexit
_except_handler3
?terminate@@YAXXZ
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp

kernel32

GetModuleHandleA
SetPriorityClass
CreateFileA
SetEvent
ResetEvent
WaitForSingleObject
FindResourceA
LoadResource
SizeofResource
LockResource
GlobalAlloc
ResumeThread
GlobalLock
GlobalUnlock
MulDiv
GlobalFree
CreateEventA
lstrcatA
lstrlenA
WinExec
lstrcpyA
LoadLibraryA
FreeLibrary
CreateToolhelp32Snapshot
Process32First
Process32Next
GetWindowsDirectoryA
GetCurrentProcess
OpenProcess
CloseHandle
DeviceIoControl
GetVersionExA
ExitProcess
CreateMutexA
GetLastError
GetModuleFileNameA
SetCurrentDirectoryA
GetStartupInfoA

user32

IsIconic
wsprintfA
MessageBoxA
GrayStringA
TabbedTextOutA
GetWindowTextA
DrawStateA
FillRect
SetRect
CopyIcon
GetParent
GetSystemMetrics
ReleaseDC
DrawIcon
IsWindow
GetSysColor
GetMessagePos
InvalidateRect
MessageBeep
SetWindowLongA
ScrollDC
LoadBitmapA
DrawTextA
KillTimer
SetTimer
GetDC
GetClientRect
GetCursorPos
ScreenToClient
SetCursor
SendMessageA
GetWindowRect
LoadIconA
LoadCursorA
InflateRect
EnableWindow
PtInRect

gdi32

CreatePen
RoundRect
DPtoLP
LPtoDP
CreateSolidBrush
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
DeleteDC
DeleteObject
GetStockObject
CreateFontIndirectA
CreateFontA
GetObjectA
GetTextExtentPoint32A
GetBkColor
CreateBitmap
GetDeviceCaps
RealizePalette
CreateCompatibleDC
PtVisible
CreateCompatibleBitmap
BitBlt

advapi32

LookupAccountSidA
RegOpenKeyExA
RegQueryValueA
RegCloseKey
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken
GetTokenInformation

shell32

ShellExecuteA

comctl32

_TrackMouseEvent

ole32

CreateStreamOnHGlobal

olepro32

ord251

psapi

GetModuleFileNameExA
EnumProcessModules

wtsapi32

WTSEnumerateProcessesA
WTSFreeMemory

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 396KB - Virtual size: 394KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
GameControl/GameControl/GameControl.ini
GameControl/GameControl/游戏双开助手2.02 注册机.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

code
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

text
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

82a46165ba1cb9046e3812d5f64c98d8

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

gdi32

advapi32

shell32

comctl32

ole32

olepro32

psapi

wtsapi32

version

Sections

.text Size: 44KB - Virtual size: 42KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 396KB - Virtual size: 394KB

Headers

File Characteristics

Sections

code Size: - Virtual size: 40KB

text Size: 11KB - Virtual size: 12KB

.rsrc Size: 6KB - Virtual size: 8KB

.text
Size: 44KB - Virtual size: 42KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 396KB - Virtual size: 394KB

code
Size: - Virtual size: 40KB

text
Size: 11KB - Virtual size: 12KB

.rsrc
Size: 6KB - Virtual size: 8KB