5fb9763163dbc087ca3ed0948373c776_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5fb9763163dbc087ca3ed0948373c776_JaffaCakes118
Size

3.6MB
MD5

5fb9763163dbc087ca3ed0948373c776
SHA1

8db16066d365bb8aacbf0e71b9a1b638599135a5
SHA256

1c4be0a1177bb71e5a650e70640718f5479b977777fd1cb4e4deb22334efc5f4
SHA512

9386d2103db5c0890181bb2adefd78c408f9c3212bd23062306d3c3c57d3ddfdde75436ddf310b26581d72ea3466a3909b90254a341366dd3db107d2ec4d1d8d
SSDEEP

98304:2djwFQFgXHciMDfZrwdalrv8hyEX3qRFA0IP2KTV4+5:2djxS8iMbq4lT8hbX3qRFA0IPBx4+5

Score

3^/10

Malware Config

Signatures

Unsigned PE 7 IoCs

Checks for missing Authenticode signature.

resource
5fb9763163dbc087ca3ed0948373c776_JaffaCakes118
unpack001/$PLUGINSDIR/BrandingURL.dll
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/MagicBall.exe
unpack001/ReflexiveArcade/ReflexiveArcade.dll
unpack001/bass.dll
unpack001/uninst.exe

NSIS installer 4 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2
static1/unpack001/uninst.exe	nsis_installer_1
static1/unpack001/uninst.exe	nsis_installer_2

Files

5fb9763163dbc087ca3ed0948373c776_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dfb06052e74b26a42b0e490bd1c07959

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
SetFilePointer
MulDiv
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetAsyncKeyState
IsDlgButtonChecked
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
RegisterClassA
OpenClipboard
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
wvsprintfA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
ShowWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
EmptyClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
SetForegroundWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/BrandingURL.dll
.dll windows:4 windows x86 arch:x86

135de77644e2add2fd9dd8176740e7e0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
GlobalFree

user32

GetWindowRect
SetCapture
InvalidateRect
SendMessageA
GetCapture
ClientToScreen
EnableWindow
LoadImageA
SetPropA
SetWindowLongA
GetWindowLongA
GetDlgItem
PtInRect
ReleaseCapture
SetCursor
GetPropA
CallWindowProcA
RedrawWindow

gdi32

GetObjectA
SetTextColor
CreateFontIndirectA

shell32

ShellExecuteA

Exports

Exports

Set
Unload

Sections

.text
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 839B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
MultiByteToWideChar
GetPrivateProfileIntA
GlobalLock
GetModuleHandleA
lstrcmpiA
GetPrivateProfileStringA
lstrcatA
lstrcpynA
WritePrivateProfileStringA
lstrlenA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalAlloc

user32

MapWindowPoints
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
PtInRect
SetWindowRgn
LoadIconA
LoadImageA
SetWindowLongA
CreateWindowExA
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamA
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
LoadCursorA
SetCursor
DrawTextA
GetWindowLongA
DrawFocusRect
CallWindowProcA
PostMessageA
MessageBoxA
CharNextA
wsprintfA
GetWindowTextA
SetWindowTextA
SendMessageA
GetClientRect

gdi32

SetTextColor
CreateCompatibleDC
GetObjectA
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
ShellExecuteA

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
show

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$SMPROGRAMS/ħ/.lnk
.lnk
Graphics.zip
.zip
Arrow.bmp
BgColors.png
.png
Borders.dds
Bricksn.dds
Bullet.bmp
Colors.bmp
Default.jpg
.jpg
Explose.bmp
Jack.bmp
LevelBG0.jpg
.jpg
LevelBG1.jpg
.jpg
LevelBG2.jpg
.jpg
LevelBG3.jpg
.jpg
LevelBG4.jpg
.jpg
LevelBG5.jpg
.jpg
LevelBG6.jpg
.jpg
LevelBG7.jpg
.jpg
LevelBG8.jpg
.jpg
LevelBG9.jpg
.jpg
Magma.dds
Menu.png
.png
Particle.bmp
Particle2.bmp
Prizes.bmp
Script.bmp
Simple.bmp
alawar.png
.png
bigfish.png
.png
dreamdale.png
.png
file_id.diz
font.png
.png
missiles.dds
nstorm.png
.png
oberon.png
.png
pad.png
.png
particle3.png
.png
playgrou.jpg
.jpg
real.png
.png
title.png
.png
wire.jpg
.jpg
Levels.dat
.zip
2002.3DL
AERO.3DL
AXE.3DL
BEACON.3DL
BOOK.3DL
BOTTLE.3DL
BUS2.3DL
CANISTER.3DL
CANNON.3DL
CAT.3DL
COMPUTER.3dl
Castle.3dl
Chess.3dl
Colors.3dl
Colors2.3dl
Colors3.3dl
Colors4.3dl
DISH.3DL
DOLLARS.3DL
Delphi.3dl
Egypt.3dl
FOREST.3DL
Face.3dl
Fort.3dl
Gorka.3dl
HAND.3DL
HAT.3DL
HOME.3DL
Heart.3dl
Hello.3dl
House.3dl
Iguana.3dl
KITCHEN.3DL
Kpp.3dl
MICROSH.3DL
MOST.3DL
Maya.3dl
Maze.3dl
Mount.3dl
NEW.3DL
Night.3dl
OKOP.3DL
PAC2.3DL
PACMAN.3DL
PIANO.3DL
PISTOL.3DL
PLIM.3DL
PM.3DL
PODLODKA.3DL
PORTRAIT.3DL
RAINBOW.3DL
RAKETA.3DL
ROAD.3DL
SAPOGI.3DL
SHATTLE.3DL
SOME.3DL
STROIKA.3DL
TABLE.3DL
TACHKA.3DL
TANK.3DL
Tower.3dl
Tropic.3dl
UTUG.3DL
Ulitka.3dl
VOLCANO.3DL
WINDOW.3DL
Wall.3dl
YACHT.3DL
acropol.3dl
bird.3dl
box.3dl
boxes.3dl
car.3dl
chese.3dl
china.3dl
coffe.3dl
colors5.3dl
columns.3dl
compman.3dl
cowboy.3dl
diagonal.3dl
dna.3dl
easy.3dl
elka.3dl
expl.3dl
fishman.3dl
flowers.3dl
flyisl.3dl
fontan.3dl
gift.3dl
grove.3dl
heart2.3dl
heli.3dl
hockey.3dl
interest.3dl
leo.3dl
levels.txt
lines.3dl
mandog.3dl
mavzoley.3dl
mayak.3dl
maze2.3dl
mill.3dl
mobile.3dl
monkey.3dl
mouse.3dl
mouse2.3DL
new1.3dl
new2.3dl
nlands.3dl
nupogody.3dl
ochki.3dl
oko.3dl
phone.3dl
photo.3dl
robots.3dl
rose.3dl
santa.3dl
scannon.3dl
seaship.3dl
shapes.3dl
ship.3dl
ski.3dl
sky.3dl
snake.3dl
snow.3dl
snowman.3dl
some2.3dl
somehard.3dl
somenew.3dl
somenew2.3dl
somenew3.3dl
someno1.3dl
someno2.3dl
someno3.3dl
somesnew.3dl
somesnew2.3dl
something.3dl
spiral.3dl
straja.3dl
tank2.3dl
teleport.3dl
town.3dl
train.3dl
traktor.3dl
tree.3dl
ufo.3dl
velo.3dl
village.3dl
zimovie.3dl
znaki.3dl
MagicBall.exe
.exe windows:4 windows x86 arch:x86

121431fbc95febca83699f47d559116e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushFileBuffers
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
GetACP
GetOEMCP
SetEndOfFile
GetLocaleInfoW
LCMapStringW
LCMapStringA
SetUnhandledExceptionFilter
SetFilePointer
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetCPInfo
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
FindResourceA
LoadResource
SizeofResource
lstrlenA
CloseHandle
CreateThread
OutputDebugStringA
GetModuleHandleA
GetCurrentDirectoryA
GetTickCount
GetCurrentThread
SetThreadPriority
QueryPerformanceFrequency
QueryPerformanceCounter
FreeLibrary
LoadLibraryA
SetCurrentDirectoryA
FindFirstFileA
FindNextFileA
SetStdHandle
GetLastError
GetProcAddress
WideCharToMultiByte
MultiByteToWideChar
WriteFile
GetFileSize
MapViewOfFile
CreateFileMappingA
CreateFileA
CreateFileW
GetVersionExA
UnmapViewOfFile
IsProcessorFeaturePresent
HeapValidate
GetProcessHeap
DeleteFileA
ReadFile
HeapFree
SetFileAttributesA
MoveFileA
RemoveDirectoryA
GetModuleFileNameA
RtlUnwind
ExitProcess
TerminateProcess
GetCurrentProcess
GetStartupInfoA
GetCommandLineA
GetVersion
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
HeapDestroy
FindClose

user32

TranslateMessage
PeekMessageA
MessageBoxA
LoadStringA
DispatchMessageA
EndDialog
SendMessageA
GetDlgItem
RegisterClassExA
LoadIconA
UnregisterClassA
GetDlgItemTextA
DialogBoxParamA
CreateWindowExA
DefWindowProcA
GetKeyState
DestroyWindow
GetCursorPos
ScreenToClient
SetFocus
SetWindowPos
GetClientRect
PtInRect
GetDesktopWindow
RedrawWindow
wsprintfA
PostQuitMessage

comdlg32

GetSaveFileNameA
GetOpenFileNameA
ChooseColorA

advapi32

CryptAcquireContextA
RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegOpenKeyA
CryptDestroyKey
CryptVerifySignatureA
CryptImportKey
CryptDestroyHash
CryptHashData
CryptReleaseContext
CryptCreateHash
RegQueryValueExA

shell32

ShellExecuteA

d3d8

Direct3DCreate8

winmm

timeGetTime

dinput8

DirectInput8Create

wininet

InternetReadFile
InternetCloseHandle
HttpOpenRequestA
HttpSendRequestA
InternetOpenA
InternetConnectA

d3dxof

DirectXFileCreate

bass

BASS_Stop
BASS_Free
BASS_MusicLoad
BASS_Init
BASS_ErrorGetCode
BASS_Start
BASS_MusicFree
BASS_StreamFree
BASS_ChannelStop
BASS_MusicPlay
BASS_SampleGetInfo
BASS_SampleLoad
BASS_SampleFree
BASS_SamplePlayEx
BASS_SetGlobalVolumes
BASS_GetGlobalVolumes
BASS_GetVersion

Exports

Exports

?GetRegistrationInformation@@YGXPAD@Z

Sections

.text
Size: 464KB - Virtual size: 462KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 56KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.FFF
Size: 256B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Meshes/BULLETS.X
Meshes/Brick0.x
Meshes/Brick1.x
Meshes/Brick2.x
Meshes/Brick3.x
Meshes/Brick4.x
Meshes/Brick5.x
Meshes/Brick6.x
Meshes/Brick7.x
Meshes/a.x
Meshes/b.x
Meshes/backgr.x
Meshes/ball.x
Meshes/bat.X
Meshes/board.x
Meshes/bullet.x
Meshes/exptonor.x
Meshes/i.x
Meshes/jack.x
Meshes/life.x
Meshes/lightm.x
Meshes/lightmax.x
Meshes/lightmin.x
Meshes/lightp.x
Meshes/magnit.x
Meshes/n.x
Meshes/nextlev.x
Meshes/nortoexp.x
Meshes/nortopow.x
Meshes/o.x
Meshes/padm.x
Meshes/padp.x
Meshes/powtonor.x
Meshes/r.x
Meshes/rocket.x
Meshes/rockets.x
Meshes/speedm.x
Meshes/speedp.x
Meshes/sphere.x
Meshes/torpedo.x
Meshes/torpedos.x
Meshes/triball.x
Meshes/vibra.x
Meshes/w.x
Music/Intro.mo3
Music/game0.mo3
Music/game1.mo3
Music/game2.mo3
ReflexiveArcade/Application.dat
ReflexiveArcade/Arcade.dat
ReflexiveArcade/Arcade/Cache/Resources/Forms/Purchasing Form/Assets/-Bullet_Point.frm16
ReflexiveArcade/Arcade/Cache/Resources/Forms/Purchasing Form/Assets/-Purchase_Background.frm16
ReflexiveArcade/Arcade/Cache/Resources/Interface/-MouseFinger.seq16
ReflexiveArcade/Arcade/Cache/Resources/Interface/-MousePointer.seq16
ReflexiveArcade/Arcade/Cache/Resources/Interface/-MouseText.seq16
ReflexiveArcade/Arcade/Cache/Resources/Interface/-Window Texture.frm16
ReflexiveArcade/ReflexiveArcade.dll
.dll windows:4 windows x86 arch:x86

1a07be9d954d016ba837689c232e4e2c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

GetActiveWindow
wsprintfA
LoadCursorA
SetCursorPos
MessageBoxA
GetDesktopWindow
ClientToScreen
SetForegroundWindow
ShowWindow
SetCursor
SystemParametersInfoA
ScreenToClient
WindowFromPoint
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
RegisterClipboardFormatA
GetClipboardData
SetTimer
KillTimer
GetCursorPos
GetClientRect

kernel32

SetCurrentDirectoryA
DeviceIoControl
CreateFileA
CloseHandle
GetShortPathNameA
SetPriorityClass
GetCurrentDirectoryA
SizeofResource
LockResource
LoadResource
FindResourceA
GetComputerNameA
GetVersionExA
GetProcAddress
LoadLibraryA
GetLastError
GetModuleFileNameA
OutputDebugStringA
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
SetUnhandledExceptionFilter
GetCurrentProcess
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetOEMCP
GetTickCount
GetTempPathA
CreateProcessA
GetExitCodeProcess
IsBadReadPtr
IsBadWritePtr
MulDiv
CreateMutexA
WaitForSingleObject
ReleaseMutex
FileTimeToDosDateTime
GetSystemTimeAsFileTime
FindClose
FindFirstFileA
GetTempFileNameA
GetFileAttributesA
CreateDirectoryA
FindNextFileA
GetFileTime
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
FileTimeToLocalFileTime
GetPrivateProfileIntA
WritePrivateProfileStringA
GetVersion
SetFileAttributesA
QueryPerformanceCounter
QueryPerformanceFrequency
FreeLibrary
ExitProcess
TerminateProcess
IsBadCodePtr
HeapAlloc
HeapFree
GetCommandLineA
DeleteFileA
SetEndOfFile
InterlockedDecrement
InterlockedIncrement
RtlUnwind
HeapReAlloc
GetModuleHandleA
HeapSize
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
WideCharToMultiByte
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
FlushFileBuffers
ReadFile
SetFilePointer
SetStdHandle
MultiByteToWideChar
LCMapStringA
LCMapStringW
RaiseException
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP

advapi32

RegQueryValueExA
RegCloseKey
RegSetValueExA
RegOpenKeyExA
GetUserNameA
RegEnumValueA
RegEnumKeyExA
RegCreateKeyA

netapi32

Netbios

gdi32

DeleteObject

shell32

ShellExecuteA

Exports

Exports

radll_DrawNextFrameIntoBuffer
radll_EnterMenuSession
radll_GetDLLVersionAsInt
radll_GetDLLVersionAsString
radll_GetLastErrorInformation
radll_GetNumberOfRectsToUpdate
radll_GetUpdateRect
radll_GetValueAsFloat
radll_GetValueAsInt
radll_GetValueAsString
radll_HandleWindowsMessage
radll_HasTheProductBeenPurchased
radll_Initialize
radll_IsASystemUpdateRequired
radll_IsTheMenuSessionComplete
radll_SetPalette
radll_ShutDown

Sections

.text
Size: 728KB - Virtual size: 726KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 705KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Sounds/ball.wav
Sounds/brickExplose.ogg
Sounds/brickGlass.ogg
Sounds/brickNormal.ogg
Sounds/brickStone.ogg
Sounds/bullet.ogg
Sounds/darkness.ogg
Sounds/expToNor.ogg
Sounds/explose.ogg
Sounds/life.ogg
Sounds/lightMinus.ogg
Sounds/lightPlus.ogg
Sounds/lightness.ogg
Sounds/magn.wav
Sounds/magnet.ogg
Sounds/nextLevel.ogg
Sounds/norToExp.ogg
Sounds/norToPow.ogg
Sounds/padBig.ogg
Sounds/padSmall.ogg
Sounds/powToNor.ogg
Sounds/rainbow.ogg
Sounds/rainbowPart.ogg
Sounds/rocket.ogg
Sounds/sounds.txt
Sounds/speedDown.ogg
Sounds/speedUp.ogg
Sounds/takeBullet.ogg
Sounds/takeRocket.ogg
Sounds/takeTorpedo.ogg
Sounds/tick.wav
Sounds/torpedo.ogg
Sounds/tripple.ogg
Sounds/vibration.ogg
bass.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

BASS_Apply3D
BASS_CDDoor
BASS_CDFree
BASS_CDGetID
BASS_CDGetTrackLength
BASS_CDGetTracks
BASS_CDInDrive
BASS_CDInit
BASS_CDPlay
BASS_ChannelBytes2Seconds
BASS_ChannelGet3DAttributes
BASS_ChannelGet3DPosition
BASS_ChannelGetAttributes
BASS_ChannelGetData
BASS_ChannelGetEAXMix
BASS_ChannelGetFlags
BASS_ChannelGetLevel
BASS_ChannelGetPosition
BASS_ChannelIsActive
BASS_ChannelIsSliding
BASS_ChannelPause
BASS_ChannelRemoveDSP
BASS_ChannelRemoveFX
BASS_ChannelRemoveLink
BASS_ChannelRemoveSync
BASS_ChannelResume
BASS_ChannelSeconds2Bytes
BASS_ChannelSet3DAttributes
BASS_ChannelSet3DPosition
BASS_ChannelSetAttributes
BASS_ChannelSetDSP
BASS_ChannelSetEAXMix
BASS_ChannelSetFX
BASS_ChannelSetLink
BASS_ChannelSetPosition
BASS_ChannelSetSync
BASS_ChannelSlideAttributes
BASS_ChannelStop
BASS_ErrorGetCode
BASS_FXGetParameters
BASS_FXSetParameters
BASS_Free
BASS_Get3DFactors
BASS_Get3DPosition
BASS_GetCPU
BASS_GetDSoundObject
BASS_GetDeviceDescription
BASS_GetEAXParameters
BASS_GetGlobalVolumes
BASS_GetInfo
BASS_GetVersion
BASS_GetVolume
BASS_Init
BASS_MusicFree
BASS_MusicGetChannelVol
BASS_MusicGetLength
BASS_MusicGetName
BASS_MusicLoad
BASS_MusicPlay
BASS_MusicPlayEx
BASS_MusicPreBuf
BASS_MusicSetAmplify
BASS_MusicSetChannelVol
BASS_MusicSetPanSep
BASS_MusicSetPositionScaler
BASS_Pause
BASS_RecordFree
BASS_RecordGetDeviceDescription
BASS_RecordGetInfo
BASS_RecordGetInput
BASS_RecordGetInputName
BASS_RecordInit
BASS_RecordSetInput
BASS_RecordStart
BASS_SampleCreate
BASS_SampleCreateDone
BASS_SampleFree
BASS_SampleGetInfo
BASS_SampleLoad
BASS_SamplePlay
BASS_SamplePlay3D
BASS_SamplePlay3DEx
BASS_SamplePlayEx
BASS_SampleSetInfo
BASS_SampleStop
BASS_Set3DAlgorithm
BASS_Set3DFactors
BASS_Set3DPosition
BASS_SetBufferLength
BASS_SetCLSID
BASS_SetEAXParameters
BASS_SetGlobalVolumes
BASS_SetLogCurves
BASS_SetNetConfig
BASS_SetVolume
BASS_Start
BASS_Stop
BASS_StreamCreate
BASS_StreamCreateFile
BASS_StreamCreateURL
BASS_StreamFree
BASS_StreamGetFilePosition
BASS_StreamGetLength
BASS_StreamGetTags
BASS_StreamPlay
BASS_StreamPreBuf
BASS_Update
_

Sections

Size: 96KB - Virtual size: 300KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
scores.dat
uninst.exe
.exe windows:4 windows x86 arch:x86

dfb06052e74b26a42b0e490bd1c07959

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
SetFilePointer
MulDiv
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetAsyncKeyState
IsDlgButtonChecked
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
RegisterClassA
OpenClipboard
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
wvsprintfA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
ShowWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
EmptyClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
SetForegroundWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp
.lnk
.lnk

Sharing

General

Malware Config

Signatures

Files

dfb06052e74b26a42b0e490bd1c07959

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 3KB - Virtual size: 112KB

.ndata Size: - Virtual size: 36KB

.rsrc Size: 28KB - Virtual size: 28KB

135de77644e2add2fd9dd8176740e7e0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

Exports

Exports

Sections

.text Size: 1024B - Virtual size: 992B

.rdata Size: 1024B - Virtual size: 839B

.data Size: 512B - Virtual size: 336B

.reloc Size: 512B - Virtual size: 220B

b1cd0d78f652ce5fc63f0879371af012

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1KB - Virtual size: 1KB

121431fbc95febca83699f47d559116e

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

shell32

d3d8

winmm

dinput8

wininet

d3dxof

bass

Exports

Exports

Sections

.text Size: 464KB - Virtual size: 462KB

.rdata Size: 40KB - Virtual size: 37KB

.data Size: 56KB - Virtual size: 148KB

.data1 Size: 4KB - Virtual size: 2KB

.rsrc Size: 44KB - Virtual size: 42KB

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 112KB

.ndata
Size: - Virtual size: 36KB

.rsrc
Size: 28KB - Virtual size: 28KB

.text
Size: 1024B - Virtual size: 992B

.rdata
Size: 1024B - Virtual size: 839B

.data
Size: 512B - Virtual size: 336B

.reloc
Size: 512B - Virtual size: 220B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 464KB - Virtual size: 462KB

.rdata
Size: 40KB - Virtual size: 37KB

.data
Size: 56KB - Virtual size: 148KB

.data1
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 44KB - Virtual size: 42KB

.FFF
Size: 256B - Virtual size: 4KB

.text
Size: 728KB - Virtual size: 726KB

.rdata
Size: 72KB - Virtual size: 70KB

.data
Size: 80KB - Virtual size: 705KB

.rsrc
Size: 8KB - Virtual size: 4KB

.reloc
Size: 56KB - Virtual size: 53KB

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 112KB

.ndata
Size: - Virtual size: 36KB

.rsrc
Size: 28KB - Virtual size: 28KB