0d8cd46447f6b428068599f86cdb2b7d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0d8cd46447f6b428068599f86cdb2b7d_JaffaCakes118
Size

4.3MB
MD5

0d8cd46447f6b428068599f86cdb2b7d
SHA1

e94537085729ee3fdbbf759172be4e150bb7d165
SHA256

7b969a0a3db93f4313b35a4a7832c274d83399d5e885b701c11a7480b3979629
SHA512

49d072382a37d3686dc822e8c163066d7cfe861960922e5d48ee7e1ac1e29a7a5170ed94a3c469ed56ba676b7189faa6d8dd9fcb5da432f28b34c233cbc81f7f
SSDEEP

98304:9EdsK0qY0FdiE+h4ZkOF/j3W+djs0fUfaU9BA+WJt:9EdsK7Y0ForLORz6aQS

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ASL/demo/GUI演示/GUI.exe
unpack001/ASL/demo/单机泡泡堂(体验版)/BnB.exe

Files

0d8cd46447f6b428068599f86cdb2b7d_JaffaCakes118
.rar
ASL/Readme.txt
ASL/demo/GUI演示/GUI.exe
.exe windows:4 windows x86 arch:x86

128fa9e71d0cf9ffbf74873999515b4e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Asl\demo\Gui演示\src\Release\GUI.pdb

Imports

user32

ScreenToClient
GetCursorPos
GetKeyboardState
RegisterClassA
AdjustWindowRect
SystemParametersInfoA
CreateWindowExA
ShowWindow
DefWindowProcA
LoadCursorA
SetWindowLongA
ValidateRect
DestroyWindow
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
WaitMessage
EqualRect
GetDC
ReleaseDC
SetRect
PtInRect
MessageBoxA
SetWindowPos
SetCursor
PostQuitMessage
LoadIconA

ddraw

DirectDrawCreateEx

kernel32

GetStartupInfoA
GetCommandLineA
GetVersionExA
GetProcAddress
TerminateProcess
GetCurrentProcess
HeapAlloc
HeapFree
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
RaiseException
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapReAlloc
HeapSize
GetACP
GetOEMCP
GetCPInfo
VirtualAlloc
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
InterlockedExchange
VirtualQuery
SetStdHandle
FlushFileBuffers
ExitProcess
LCMapStringW
GetStringTypeA
GetStringTypeW
SetEndOfFile
GetLocaleInfoA
VirtualProtect
GetSystemInfo
RtlUnwind
WriteFile
SetFileTime
GetCurrentDirectoryA
CreateDirectoryA
LocalFileTimeToFileTime
ReadFile
CloseHandle
CreateFileA
GetFileAttributesA
SystemTimeToFileTime
SetFilePointer
QueryPerformanceFrequency
QueryPerformanceCounter
GetModuleFileNameA
LoadLibraryA
MultiByteToWideChar
GetModuleHandleA
GetEnvironmentStringsW
LCMapStringA

gdi32

CreateFontIndirectA
TextOutA
GetGlyphOutlineA
DeleteObject
SetBkColor
SetTextColor
CreateDIBSection
GetTextMetricsA
SelectObject
CreateCompatibleDC
DeleteDC
LineTo
MoveToEx
CreatePen
SetStretchBltMode
SetBkMode
GetStockObject
BitBlt
GetTextExtentPointA

ole32

CoUninitialize
CoInitialize
CoCreateInstance

Sections

.text
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ASL/demo/GUI演示/Pic.zip
.zip
Thumbs.db
bg.bmp
btn.bmp
btnbig.bmp
checkbox.bmp
cursor.bmp
edit.bmp
panel1.bmp
panel2.bmp
panel3.bmp
slider.bmp
slot.bmp
ASL/demo/GUI演示/Readme.txt
ASL/demo/GUI演示/Snd/click.wav
ASL/demo/GUI演示/src/GUI.sln
ASL/demo/GUI演示/src/GUI.suo
ASL/demo/GUI演示/src/GUI.vcproj
.xml
ASL/demo/GUI演示/src/gui.cpp
.js
ASL/demo/单机泡泡堂(体验版)/BnB.exe
.exe windows:4 windows x86 arch:x86

2c468091e8a9f198cfd9cf7cc4140bc2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\求职\Asl\demo\单机泡泡堂(体验版)\src\Release\BnB.pdb

Imports

user32

DefWindowProcA
ShowWindow
CreateWindowExA
RegisterClassA
LoadIconA
DestroyWindow
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
WaitMessage
GetKeyboardState
LoadCursorA
ScreenToClient
AdjustWindowRect
SystemParametersInfoA
SetWindowLongA
SetWindowPos
EqualRect
GetDC
ReleaseDC
SetRect
MessageBoxA
SetCursor
GetCursorPos
PostQuitMessage
PtInRect
ValidateRect

ddraw

DirectDrawCreateEx

msimg32

TransparentBlt

kernel32

ExitProcess
GetSystemTimeAsFileTime
GetStartupInfoA
GetCommandLineA
GetVersionExA
GetProcAddress
TerminateProcess
GetCurrentProcess
HeapAlloc
HeapFree
SetUnhandledExceptionFilter
HeapReAlloc
HeapSize
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
RaiseException
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
GetACP
GetOEMCP
GetCPInfo
VirtualAlloc
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
InterlockedExchange
VirtualQuery
SetStdHandle
RtlUnwind
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetEndOfFile
GetLocaleInfoA
VirtualProtect
GetSystemInfo
WriteFile
SetFileTime
GetCurrentDirectoryA
CreateDirectoryA
LocalFileTimeToFileTime
ReadFile
CloseHandle
CreateFileA
GetFileAttributesA
SystemTimeToFileTime
SetFilePointer
GetModuleFileNameA
LoadLibraryA
MultiByteToWideChar
GetModuleHandleA
QueryPerformanceFrequency
QueryPerformanceCounter
FreeEnvironmentStringsW
FlushFileBuffers

gdi32

DeleteDC
TextOutA
SetTextColor
SelectObject
SetStretchBltMode
SetBkMode
GetStockObject
CreateDIBSection
CreateCompatibleDC
BitBlt
StretchBlt
DeleteObject

ole32

CoUninitialize
CoInitialize
CoCreateInstance

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ASL/demo/单机泡泡堂(体验版)/Ini/FixedItem.ini
ASL/demo/单机泡泡堂(体验版)/Ini/MapType1.ini
ASL/demo/单机泡泡堂(体验版)/Ini/MapType2.ini
ASL/demo/单机泡泡堂(体验版)/Ini/Role1.ini
ASL/demo/单机泡泡堂(体验版)/Ini/Role2.ini
ASL/demo/单机泡泡堂(体验版)/Ini/RoleShared.ini
ASL/demo/单机泡泡堂(体验版)/Map/Map1.map
ASL/demo/单机泡泡堂(体验版)/Map/Map2.map
ASL/demo/单机泡泡堂(体验版)/Map/Map3.map
ASL/demo/单机泡泡堂(体验版)/Pic/BG.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/BigPopo.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/Draw.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/Explosion.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/FastTurtle.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/FastUFO.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/Gift1.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/Gift2.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/Gift3.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/Gift4.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/Gift5.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/Gift6.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/GiftOwl.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/GiftTurtle.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/GiftUFO.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/MapType1.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/MapType2.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/MapType3.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/MapTypeRoot.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/Number.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/Owl.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/Player.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/Popo.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/Role1.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/Role1Ani.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/Role1Die.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/Role1Ride.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/Role1Start.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/Role2.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/Role2Ani.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/Role2Die.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/Role2Ride.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/Role2Start.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/SandBlockBuff.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/SandBlockYellow.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/SandBox.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/SandCactiGreen.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/SandCactiGreenBold.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/SandCactiTea.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/SandGround.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/SandHouseBlue.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/SandHouseGreen.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/SandHouseTea.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/SandOasis.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/SandOasisAni.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/SandShopBlue.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/SandShopRed.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/SandShopYellow.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/SandStone.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/SandTentBlue.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/SandTentRed.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/SandTentYellow.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/SandTree.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/SandTreeGreen.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/SandTreeYellow.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/ShadowBlock.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/ShadowBush.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/ShadowGift.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/ShadowPopo.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/ShadowRole.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/ShadowTent.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/SlowTurtle.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/Start.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/Thumbs.db
ASL/demo/单机泡泡堂(体验版)/Pic/TownBlockRed.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/TownBlockYellow.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/TownBox.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/TownBush.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/TownGround.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/TownHouseBlue.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/TownHouseRed.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/TownHouseYellow.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/TownTree.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/TownWindmill.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/TownWindmillAni.bmp
ASL/demo/单机泡泡堂(体验版)/Pic/Win.bmp
ASL/demo/单机泡泡堂(体验版)/Readme.txt
ASL/demo/单机泡泡堂(体验版)/Snd/appear.wav
ASL/demo/单机泡泡堂(体验版)/Snd/bg.wav
ASL/demo/单机泡泡堂(体验版)/Snd/die.wav
ASL/demo/单机泡泡堂(体验版)/Snd/draw.wav
ASL/demo/单机泡泡堂(体验版)/Snd/explode.wav
ASL/demo/单机泡泡堂(体验版)/Snd/get.wav
ASL/demo/单机泡泡堂(体验版)/Snd/lay.wav
ASL/demo/单机泡泡堂(体验版)/Snd/save.wav
ASL/demo/单机泡泡堂(体验版)/Snd/start.wav
ASL/demo/单机泡泡堂(体验版)/Snd/win.wav
.ps1
ASL/demo/单机泡泡堂(体验版)/src/BnB.rc
ASL/demo/单机泡泡堂(体验版)/src/BnB.sln
ASL/demo/单机泡泡堂(体验版)/src/BnB.suo
ASL/demo/单机泡泡堂(体验版)/src/BnB.vcproj
.xml
ASL/demo/单机泡泡堂(体验版)/src/ability.h
ASL/demo/单机泡泡堂(体验版)/src/factory.cpp
ASL/demo/单机泡泡堂(体验版)/src/factory.h
ASL/demo/单机泡泡堂(体验版)/src/game.cpp
ASL/demo/单机泡泡堂(体验版)/src/game.h
ASL/demo/单机泡泡堂(体验版)/src/icon1.ico
ASL/demo/单机泡泡堂(体验版)/src/incs.h
ASL/demo/单机泡泡堂(体验版)/src/item.cpp
ASL/demo/单机泡泡堂(体验版)/src/item.h
ASL/demo/单机泡泡堂(体验版)/src/main.cpp
.js
ASL/demo/单机泡泡堂(体验版)/src/map.cpp
ASL/demo/单机泡泡堂(体验版)/src/map.h
ASL/demo/单机泡泡堂(体验版)/src/resource.h
ASL/demo/单机泡泡堂(体验版)/src/role.cpp
ASL/demo/单机泡泡堂(体验版)/src/role.h
ASL/demo/单机泡泡堂(体验版)/src/sound.cpp
ASL/demo/单机泡泡堂(体验版)/src/sound.h
ASL/include/asl_asm.h
ASL/include/asl_audio.h
ASL/include/asl_bitmap.h
ASL/include/asl_cursor.h
ASL/include/asl_file.h
ASL/include/asl_font.h
ASL/include/asl_gui.h
ASL/include/asl_guiobj.h
ASL/include/asl_ini.h
ASL/include/asl_input.h
ASL/include/asl_screen.h
ASL/include/asl_timer.h
ASL/include/asl_utils.h
ASL/include/asl_winapp.h
ASL/lib/ASL.lib
ASL/lib/ASLD.lib
ASL/src/ASL.sln
ASL/src/ASL.suo
ASL/src/ASL.vcproj
.xml
ASL/src/asl_asm.cpp
ASL/src/asl_audio.cpp
ASL/src/asl_bitmap.cpp
ASL/src/asl_file.cpp
ASL/src/asl_font.cpp
ASL/src/asl_gui.cpp
ASL/src/asl_guiobj.cpp
ASL/src/asl_ini.cpp
ASL/src/asl_input.cpp
ASL/src/asl_screen.cpp
ASL/src/asl_timer.cpp
ASL/src/asl_utils.cpp
ASL/src/asl_winapp.cpp
ASL/src/main.cpp
.js
ASL/src/unzip.cpp
ASL/src/unzip.h
ASL/下载说明.htm
.html .js polyglot
ASL/新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

128fa9e71d0cf9ffbf74873999515b4e

Headers

File Characteristics

PDB Paths

Imports

user32

ddraw

kernel32

gdi32

ole32

Sections

.text Size: 96KB - Virtual size: 93KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 4KB - Virtual size: 10KB

2c468091e8a9f198cfd9cf7cc4140bc2

Headers

File Characteristics

PDB Paths

Imports

user32

ddraw

msimg32

kernel32

gdi32

ole32

Sections

.text Size: 120KB - Virtual size: 119KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 4KB - Virtual size: 16KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 96KB - Virtual size: 93KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 4KB - Virtual size: 10KB

.text
Size: 120KB - Virtual size: 119KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 4KB - Virtual size: 16KB

.rsrc
Size: 4KB - Virtual size: 2KB