I:\Juegos Online\Cheats Mu Online\Make Mu\_recursos\_mu thrones\antihack Game-Shield + CODEX 15-10 + hosts\Release\Codex.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 14c8d7f053ebd9b8e96711fbe0c0fd61_JaffaCakes118.dll
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 14c8d7f053ebd9b8e96711fbe0c0fd61_JaffaCakes118.dll
Resource: win10v2004-20240508-en
General
Target: 14c8d7f053ebd9b8e96711fbe0c0fd61_JaffaCakes118
Size: 191KB
MD5: 14c8d7f053ebd9b8e96711fbe0c0fd61
SHA1: 81758d7abc1e8f5be797e1e596d022a08abb4f73
SHA256: 53c2d7849e71c305a1262250cd6f6c09ce81916ebcd8554b40cfe22cbd1894c7
SHA512: 61cbf71eabf8998d15b14c41af20df678b757ef9784d0684134a8debd5b237dc04e1b52a55005cc9ffad722eefd8c08ad603a57157b0c3661141a223ad2232d4
SSDEEP: 3072:+XNfyseEq8PqZGSh0G5RPnDKHCp1+s5EjAbhY3D:+XNf1eEqeFStD1jB5vY3
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 14c8d7f053ebd9b8e96711fbe0c0fd61_JaffaCakes118
Files
14c8d7f053ebd9b8e96711fbe0c0fd61_JaffaCakes118.dll windows:6 windows x86 arch:x86
0f61e3ff308f5cc4f30195475b6a0b1f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
kernel32
ExitProcess
Sleep
CreateThread
Process32First
lstrcmpiA
SetFileAttributesA
Process32Next
CreateToolhelp32Snapshot
WinExec
CloseHandle
LoadLibraryA
SetEndOfFile
CreateFileW
OutputDebugStringW
WriteConsoleW
SetStdHandle
LoadLibraryExW
WideCharToMultiByte
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
MultiByteToWideChar
GetStringTypeW
GetLastError
HeapFree
GetSystemTimeAsFileTime
ExitThread
ResumeThread
GetCommandLineA
GetCurrentThreadId
RaiseException
RtlUnwind
HeapAlloc
GetCPInfo
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
GetProcAddress
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
IsDebuggerPresent
GetStdHandle
GetFileType
GetProcessHeap
GetModuleHandleExW
AreFileApisANSI
ReadFile
SetFilePointerEx
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
HeapSize
GetTimeZoneInformation
ReadConsoleW
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameW
GetACP
IsValidCodePage
GetOEMCP
HeapReAlloc
SetEnvironmentVariableA
user32
SendMessageA
FindWindowA
MessageBoxA
shell32
ShellExecuteA
Exports
GameGuard
Sections
.text Size: 135KB - Virtual size: 134KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 39KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ