Overview

overview

3

Static

static

3

Hall.exe

windows7-x64

1

Hall.exe

windows10-2004-x64

1

TCA2BMP.dll

windows7-x64

1

TCA2BMP.dll

windows10-2004-x64

3

avatar/com...��.ps1

windows7-x64

3

avatar/com...��.ps1

windows10-2004-x64

3

fetchtca.dll

windows7-x64

3

fetchtca.dll

windows10-2004-x64

3

gamever.dll

windows7-x64

1

gamever.dll

windows10-2004-x64

3

httpsock.dll

windows7-x64

3

httpsock.dll

windows10-2004-x64

3

popogame.exe

windows7-x64

1

popogame.exe

windows10-2004-x64

1

setpath.exe

windows7-x64

1

setpath.exe

windows10-2004-x64

1

zlib1.dll

windows7-x64

3

zlib1.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    17fb97508fef5ca44d9222c8cf4eb44a_JaffaCakes118

  • Size

    3.6MB

  • MD5

    17fb97508fef5ca44d9222c8cf4eb44a

  • SHA1

    836cc06f99eceab58b38c1574400c2569e38ef88

  • SHA256

    8e9b10b3d2f86039a44d8db1e08d6889d479b644d9da8779474ff84328522520

  • SHA512

    806181d65ccb1cd8ac25708d51b5584da8a996573c351fe743115c62775eb74e0e16c2155bf6bffd9f35b2fcb3c7efe5e6e370d1c9e7f99c8b5df1a4ecfff9c7

  • SSDEEP

    98304:jM6mqO+DElmVezNKxpw83x+MBCpyt4bJP+RMN6Pu0:Nm3TlmVaNeP+FQmP+ONA

Score
3/10

Malware Config

Signatures

  • Unsigned PE 8 IoCs

    Checks for missing Authenticode signature.

Files

  • 17fb97508fef5ca44d9222c8cf4eb44a_JaffaCakes118
    .rar
  • Hall.exe
    .exe windows:4 windows x86 arch:x86

    1f2bf2333ea28e0edb93234af98d16f9


    Headers

    Imports

    Sections

  • TCA2BMP.dll
    .dll windows:4 windows x86 arch:x86

    c173b96d7246e71d1c379746c7ecb1cc


    Headers

    Imports

    Exports

    Sections

  • avatar/blank.tca
  • avatar/commonprop/animate/亲吻.tca
  • avatar/commonprop/animate/你真棒.tca
  • avatar/commonprop/animate/彩带.tca
  • avatar/commonprop/animate/我爱你.tca
  • avatar/commonprop/animate/扔番茄.tca
  • avatar/commonprop/animate/拉拉队.tca
  • avatar/commonprop/animate/献花.tca
    .ps1
  • avatar/commonprop/animate/花瓣雨.tca
  • avatar/commonprop/animate/通缉令.tca
  • avatar/commonprop/animate/闪亮之星上.tca
  • avatar/commonprop/animate/闪亮之星下.tca
  • avatar/commonprop/sample/你真棒.wav
  • avatar/commonprop/sample/我爱你.wav
  • avatar/commonprop/sample/拉拉队.wav
  • avatar/commonprop/sample/热吻.wav
  • avatar/commonprop/sample/热情之星.wav
  • avatar/commonprop/sample/献花.wav
  • avatar/commonprop/sample/西红柿.wav
  • avatar/female.tca
  • avatar/male.tca
  • avatar/下载说明.htm
    .html .js polyglot
  • config/avatarconfig.ini
  • config/commonprop.ini
  • config/config.ini
  • config/game.ini
  • config/master.ini
  • config/server.ini
  • config/下载说明.htm
    .html .js polyglot
  • fetchtca.dll
    .dll windows:4 windows x86 arch:x86

    3dbc7150e17f6af5b8c3cded75eb755b


    Headers

    Imports

    Exports

    Sections

  • gamever.dll
    .dll windows:4 windows x86 arch:x86

    09d0478591d4f788cb3e5ea416c25237


    Headers

    Imports

    Exports

    Sections

  • httpsock.dll
    .dll windows:4 windows x86 arch:x86

    3ecf1b55d1f96c65dd439b78203e7f04


    Headers

    Imports

    Exports

    Sections

  • popogame.exe
    .exe windows:4 windows x86 arch:x86

    fdbfec85672f73d2a4d49635454936d4


    Headers

    Imports

    Exports

    Sections

  • res/16.bmp
  • res/32.bmp
  • res/Button/BBSButton.bmp
  • res/Button/CloseButton.bmp
  • res/Button/CoinButton.bmp
  • res/Button/DiamondButton.bmp
  • res/Button/HallButton.bmp
  • res/Button/MaxButton.bmp
  • res/Button/MinButton.bmp
  • res/Button/POPOButton.bmp
  • res/Button/POPOShowButton.bmp
  • res/Button/RestoreButton.bmp
  • res/Button/SplitterHide.bmp
  • res/Button/SplitterShow.bmp
  • res/Edit/Broadcast.bmp
  • res/Edit/Emotes.bmp
  • res/Edit/Mid.bmp
  • res/Edit/Send.bmp
  • res/Edit/Setting.bmp
  • res/GameTree/BottomFrame.bmp
  • res/GameTree/BottomLeftCorner.bmp
  • res/GameTree/BottomRightCorner.bmp
  • res/GameTree/LeftFrame.bmp
  • res/GameTree/RightFrame.bmp
  • res/GameTree/TopFrame.bmp
  • res/GameTree/TopLeftCorner.bmp
  • res/GameTree/TopRightCorner.bmp
  • res/HallTree/TT.bmp
  • res/HallTree/gamehall.bmp
  • res/HallTree/group.bmp
  • res/HallTree/house.bmp
  • res/HallTree/nosetup.bmp
  • res/Hand.cur
  • res/List/DownArrow.bmp
  • res/List/Foot.bmp
  • res/List/Head.bmp
  • res/List/Interval.bmp
  • res/List/LeftFoot.bmp
  • res/List/LeftMid.bmp
  • res/List/LeftTop.bmp
  • res/List/RightFoot.bmp
  • res/List/RightMid.bmp
  • res/List/RightTop.bmp
  • res/List/UpArrow.bmp
  • res/MainWin/CoinTxt.bmp
  • res/MainWin/DiamondTxt.bmp
  • res/MainWin/HallTxt.bmp
  • res/MainWin/HeadLeft.bmp
  • res/MainWin/HeadMiddle.bmp
  • res/MainWin/HeadRight.bmp
  • res/MainWin/POPOShowTxt.bmp
  • res/MainWin/POPOTxt.bmp
  • res/MainWin/bbstxt.bmp
  • res/Room/BottomFrame.bmp
  • res/Room/BottomLeftCorner.bmp
  • res/Room/BottomRightCorner.bmp
  • res/Room/Button/Exit.bmp
  • res/Room/Button/Game.bmp
  • res/Room/Button/Item.bmp
  • res/Room/Button/Join.bmp
  • res/Room/Button/Left.bmp
  • res/Room/Button/Mid.bmp
  • res/Room/Button/POPO.bmp
  • res/Room/Button/Right.bmp
  • res/Room/Button/Search.bmp
  • res/Room/Button/Setting.bmp
  • res/Room/Button/TextLeft.bmp
  • res/Room/Button/TextMid.bmp
  • res/Room/Button/TextRight.bmp
  • res/Room/Button/UserInfo.bmp
  • res/Room/FootLeftGreen.bmp
  • res/Room/FootLeftWhite.bmp
  • res/Room/FootMidGreen.bmp
  • res/Room/FootMidWhite.bmp
  • res/Room/FootRightGreen.bmp
  • res/Room/FootRightWhite.bmp
  • res/Room/LeftBottomFrame.bmp
  • res/Room/LeftTopFrame.bmp
  • res/Room/RightFoot.bmp
  • res/Room/RightFrame.bmp
  • res/Room/RightMid.bmp
  • res/Room/RightMidGreen.bmp
  • res/Room/RightMidWhite.bmp
  • res/Room/RightTop.bmp
  • res/Room/TopLeftCorner.bmp
  • res/Room/TopLeftFrame.bmp
  • res/Room/TopLeftGreen.bmp
  • res/Room/TopLeftWhite.bmp
  • res/Room/TopMidGreen.bmp
  • res/Room/TopMidWhite.bmp
  • res/Room/TopRightCorner.bmp
  • res/Room/TopRightFrame.bmp
  • res/Room/TopRightGreen.bmp
  • res/Room/TopRightWhite.bmp
  • res/ScrollBar/HorzFillLeftGreen.bmp
  • res/ScrollBar/HorzFillLeftWhite.bmp
  • res/ScrollBar/HorzFillMidGreen.bmp
  • res/ScrollBar/HorzFillMidWhite.bmp
  • res/ScrollBar/HorzFillRightGreen.bmp
  • res/ScrollBar/HorzFillRightWhite.bmp
  • res/ScrollBar/HorzFrameLeftGreen.bmp
  • res/ScrollBar/HorzFrameLeftWhite.bmp
  • res/ScrollBar/HorzFrameMid.bmp
  • res/ScrollBar/HorzFrameRightGreen.bmp
  • res/ScrollBar/HorzFrameRightWhite.bmp
  • res/ScrollBar/HorzLeftArrowGreen.bmp
  • res/ScrollBar/HorzLeftArrowWhite.bmp
  • res/ScrollBar/HorzRightArrowGreen.bmp
  • res/ScrollBar/HorzRightArrowWhite.bmp
  • res/ScrollBar/VertDownArrowGreen.bmp
  • res/ScrollBar/VertDownArrowWhite.bmp
  • res/ScrollBar/VertFillFootGreen.bmp
  • res/ScrollBar/VertFillFootWhite.bmp
  • res/ScrollBar/VertFillMidGreen.bmp
  • res/ScrollBar/VertFillMidWhite.bmp
  • res/ScrollBar/VertFillTopGreen.bmp
  • res/ScrollBar/VertFillTopWhite.bmp
  • res/ScrollBar/VertFrameFootGreen.bmp
  • res/ScrollBar/VertFrameFootWhite.bmp
  • res/ScrollBar/VertFrameMid.bmp
  • res/ScrollBar/VertFrameTopGreen.bmp
  • res/ScrollBar/VertFrameTopWhite.bmp
  • res/ScrollBar/VertUpArrowGreen.bmp
  • res/ScrollBar/VertUpArrowWhite.bmp
  • res/Tab/BGBottom.bmp
  • res/Tab/BGMid.bmp
  • res/Tab/BGTop.bmp
  • res/Tab/DarkCloseTop.bmp
  • res/Tab/DarkFoot.bmp
  • res/Tab/DarkHead.bmp
  • res/Tab/DarkMid.bmp
  • res/Tab/DarkOpenTop.bmp
  • res/Tab/LightCloseTop.bmp
  • res/Tab/LightFoot.bmp
  • res/Tab/LightHead.bmp
  • res/Tab/LightMid.bmp
  • res/Tab/LightOpenTop.bmp
  • res/WaitWnd/Left.bmp
  • res/WaitWnd/Mid.bmp
  • res/WaitWnd/Right.bmp
  • res/avarta/avatar.bmp
  • res/avarta/female.bmp
  • res/avarta/male.bmp
  • res/hand.bmp
  • res/littlepopo.ico
  • res/lock.bmp
  • res/number/num.bmp
  • res/play.bmp
  • res/popo.ico
  • res/sitdown.bmp
  • res/watch.bmp
  • res/zs.bmp
  • res/下载说明.htm
    .html .js polyglot
  • setpath.exe
    .exe windows:4 windows x86 arch:x86

    7a2e33ace71f3dfaf5e1d76d8822c04a


    Headers

    Imports

    Sections

  • skinbmp/bottom.bmp
  • skinbmp/bottom_i.bmp
  • skinbmp/button.bmp
  • skinbmp/button_down.bmp
  • skinbmp/button_over.bmp
  • skinbmp/close_button.bmp
  • skinbmp/close_button_i.bmp
  • skinbmp/close_button_over.bmp
  • skinbmp/combo_disable.bmp
  • skinbmp/combo_drop.bmp
  • skinbmp/combo_normal.bmp
  • skinbmp/combo_over.bmp
  • skinbmp/left.bmp
  • skinbmp/left_bottom.bmp
  • skinbmp/left_bottom_i.bmp
  • skinbmp/left_i.bmp
  • skinbmp/left_top.bmp
  • skinbmp/left_top_i.bmp
  • skinbmp/max_button.bmp
  • skinbmp/max_button_i.bmp
  • skinbmp/max_button_over.bmp
  • skinbmp/min_button.bmp
  • skinbmp/min_button_i.bmp
  • skinbmp/min_button_over.bmp
  • skinbmp/progress.bmp
  • skinbmp/progress_bk.bmp
  • skinbmp/restore_button.bmp
  • skinbmp/restore_button_i.bmp
  • skinbmp/restore_button_over.bmp
  • skinbmp/right.bmp
  • skinbmp/right_bottom.bmp
  • skinbmp/right_bottom_i.bmp
  • skinbmp/right_i.bmp
  • skinbmp/right_top_d.bmp
  • skinbmp/right_top_d_i.bmp
  • skinbmp/right_top_f.bmp
  • skinbmp/right_top_f_i.bmp
  • skinbmp/skin.ini
  • skinbmp/skin1/bottom.bmp
  • skinbmp/skin1/bottom_i.bmp
  • skinbmp/skin1/button.bmp
  • skinbmp/skin1/button_down.bmp
  • skinbmp/skin1/button_over.bmp
  • skinbmp/skin1/close_button.bmp
  • skinbmp/skin1/close_button_i.bmp
  • skinbmp/skin1/close_button_over.bmp
  • skinbmp/skin1/combo_disable.bmp
  • skinbmp/skin1/combo_drop.bmp
  • skinbmp/skin1/combo_normal.bmp
  • skinbmp/skin1/combo_over.bmp
  • skinbmp/skin1/left.bmp
  • skinbmp/skin1/left_bottom.bmp
  • skinbmp/skin1/left_bottom_i.bmp
  • skinbmp/skin1/left_i.bmp
  • skinbmp/skin1/left_top.bmp
  • skinbmp/skin1/left_top_i.bmp
  • skinbmp/skin1/max_button.bmp
  • skinbmp/skin1/max_button_i.bmp
  • skinbmp/skin1/max_button_over.bmp
  • skinbmp/skin1/min_button.bmp
  • skinbmp/skin1/min_button_i.bmp
  • skinbmp/skin1/min_button_over.bmp
  • skinbmp/skin1/progress.bmp
  • skinbmp/skin1/progress_bk.bmp
  • skinbmp/skin1/restore_button.bmp
  • skinbmp/skin1/restore_button_i.bmp
  • skinbmp/skin1/restore_button_over.bmp
  • skinbmp/skin1/right.bmp
  • skinbmp/skin1/right_bottom.bmp
  • skinbmp/skin1/right_bottom_i.bmp
  • skinbmp/skin1/right_i.bmp
  • skinbmp/skin1/right_top_d.bmp
  • skinbmp/skin1/right_top_d_i.bmp
  • skinbmp/skin1/right_top_f.bmp
  • skinbmp/skin1/right_top_f_i.bmp
  • skinbmp/skin1/skin.ini
  • skinbmp/skin1/sys_button.bmp
  • skinbmp/skin1/sys_button_i.bmp
  • skinbmp/skin1/sys_button_over.bmp
  • skinbmp/skin1/title_bar.bmp
  • skinbmp/skin1/title_bar_i.bmp
  • skinbmp/sys_button.bmp
  • skinbmp/sys_button_i.bmp
  • skinbmp/sys_button_over.bmp
  • skinbmp/title_bar.bmp
  • skinbmp/title_bar_i.bmp
  • skinbmp/下载说明.htm
    .html .js polyglot
  • ui.wdf
  • zlib1.dll
    .dll windows:4 windows x86 arch:x86

    438be7e302b7106cf343660cee1de1f7


    Headers

    Imports

    Exports

    Sections

  • 下载说明.htm
    .html .js polyglot