Overview

overview

3

Static

static

3

961cca6cec...18.exe

windows7-x64

3

961cca6cec...18.exe

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

AESocket.dll

windows7-x64

3

AESocket.dll

windows10-2004-x64

3

CS15Hook.dll

windows7-x64

3

CS15Hook.dll

windows10-2004-x64

3

CommonLib.dll

windows7-x64

3

CommonLib.dll

windows10-2004-x64

3

CrashSender.exe

windows7-x64

3

CrashSender.exe

windows10-2004-x64

3

FPSHook.dll

windows7-x64

3

FPSHook.dll

windows10-2004-x64

3

Garena.exe

windows7-x64

3

Garena.exe

windows10-2004-x64

3

GarenaSkin.dll

windows7-x64

3

GarenaSkin.dll

windows10-2004-x64

3

GarenaSkin1.dll

windows7-x64

3

GarenaSkin1.dll

windows10-2004-x64

3

GarenaSkin2.dll

windows7-x64

3

GarenaSkin2.dll

windows10-2004-x64

3

GarenaTVHook.dll

windows7-x64

3

GarenaTVHook.dll

windows10-2004-x64

3

GarenaTV_UI.dll

windows7-x64

3

GarenaTV_UI.dll

windows10-2004-x64

3

Inject.dll

windows7-x64

3

Inject.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    961cca6cec6d7649b04ae106aae9b991_JaffaCakes118

  • Size

    2.0MB

  • MD5

    961cca6cec6d7649b04ae106aae9b991

  • SHA1

    3ce49de40c840c6facebf32723fdf35ab32e4ab9

  • SHA256

    1aefc871cf047916411426953da59bcbfcfde96cbac4180242d8b3839686f8a3

  • SHA512

    fe91a2d82a7e49f4bd8eb714188803c4f1675930c5269c5c80d6ff0007afaf5e993fdfe3ccfe8bed8ff3beae8066128ebe5b860e970364682bd98b27aa27cf96

  • SSDEEP

    49152:Hu3ImXECPUUCak4jZDnz3+FLYCyuvTcnEjpNMdo5VipR:HuYmUC8D0NnKhYCyeZ2O5Viv

Score
3/10

Malware Config

Signatures

  • Unsigned PE 23 IoCs

    Checks for missing Authenticode signature.

Files

  • 961cca6cec6d7649b04ae106aae9b991_JaffaCakes118
    .exe windows:5 windows x86 arch:x86

    b729b61eb1515fcf7b3e511e4e66258b


    Headers

    Imports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:5 windows x86 arch:x86

    cd90e33ffbc335413a25300c682c83df


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/LangDLL.dll
    .dll windows:5 windows x86 arch:x86

    e981c0ab92cb1f191bb5e23392e14796


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/StartMenu.dll
    .dll windows:5 windows x86 arch:x86

    b1d9539c7cfd95718179dedb471b482f


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-wizard.bmp
  • AESocket.dll
    .dll windows:4 windows x86 arch:x86

    d19de0d004578cc7ea30566b2d8394d5


    Headers

    Imports

    Sections

  • CS15Hook.dll
    .dll windows:4 windows x86 arch:x86

    1040fa5da89612fa22cc7ed3c6306dbb


    Headers

    Imports

    Sections

  • CommonLib.dll
    .dll windows:4 windows x86 arch:x86

    9763997563cf7d906063a7fbb8c9b1f1


    Headers

    Imports

    Exports

    Sections

  • CrashSender.exe
    .exe windows:4 windows x86 arch:x86

    99b90a2d2929c63f927d0a18e66e6c20


    Headers

    Imports

    Sections

  • FPSHook.dll
    .dll windows:5 windows x86 arch:x86

    75461bf87660ee2aff3bd2b6352dbf24


    Headers

    Imports

    Sections

  • GGICON.ico
  • Gamecn.dat
  • Gameen.dat
  • Gametw.dat
  • Gamevn.dat
  • Garena.dat
  • Garena.exe
    .exe windows:4 windows x86 arch:x86

    ece51b23a942185e0583b54c9b96e838


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • GarenaSkin.dll
    .dll windows:4 windows x86 arch:x86

    7b9c92837b1e3edbe72847ae0983b21c


    Headers

    Imports

    Exports

    Sections

  • GarenaSkin1.dll
    .dll windows:4 windows x86 arch:x86

    258919a6008fbb6950d9201d3a038091


    Headers

    Imports

    Exports

    Sections

  • GarenaSkin2.dll
    .dll windows:4 windows x86 arch:x86

    258919a6008fbb6950d9201d3a038091


    Headers

    Imports

    Exports

    Sections

  • GarenaTV.xml
    .xml
  • GarenaTVHook.dll
    .dll windows:4 windows x86 arch:x86

    930a3e550691d71e620afa22f1fad2a6


    Headers

    Imports

    Exports

    Sections

  • GarenaTV_UI.dll
    .dll windows:5 windows x86 arch:x86

    8b9c32e53642706195bf0a559bae6131


    Headers

    Imports

    Sections

  • Gn.ggz
  • Inject.dll
    .dll windows:4 windows x86 arch:x86

    c6fac98baceae40e97f7fe1744c76f5c


    Headers

    Imports

    Exports

    Sections

  • L4DSocket.dll
    .dll windows:4 windows x86 arch:x86

    c5b5a649d9aefe570d326b60f7e7fbf8


    Headers

    Imports

    Sections

  • PluginKernel.dll
    .dll windows:4 windows x86 arch:x86

    0d9ed8a323a24cab42183f7eb588a764


    Headers

    Imports

    Sections

  • RecConfig.xml
  • Roomcn.dat
  • Roomen.dat
  • Roomtw.dat
  • Skins.xml
    .xml
  • SocketHook.dll
    .dll windows:4 windows x86 arch:x86

    55cc66bd61551ce6d23f9ee96a62098c


    Headers

    Imports

    Sections

  • War3Hook.dll
    .dll windows:4 windows x86 arch:x86

    84c6282fff898cc561946a8e7feb0672


    Headers

    Imports

    Sections

  • YYFileSystem.dll
    .dll windows:5 windows x86 arch:x86

    e07f48095153d0e038099b8d719882cc


    Headers

    Imports

    Sections

  • atl71.dll
    .dll windows:4 windows x86 arch:x86

    a0bd0cbc6c3c1f3095dd9342b630fcb9


    Headers

    Imports

    Exports

    Sections

  • ggsec.dll
    .dll windows:5 windows x86 arch:x86

    cbeb80efb2fbf8a66a12527eb1b83144


    Code Sign

    Headers

    Imports

    Sections

  • hc.xml
    .xml
  • langs.xml
  • mdata.ggz
    .zip
  • newgame.ggz
    .zip
  • onlinegame.ggz
    .zip
  • safeapi.dll
    .dll windows:5 windows x86 arch:x86

    cd391c5814cad8d0c3f552d040c36b87


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • server.xml
    .xml
  • slotmachine.ggz
    .zip
  • source.xml
    .xml
  • sqlite3.dll
    .dll windows:4 windows x86 arch:x86

    fe62f9dce6776626b1ed9d7894e7710d


    Headers

    Imports

    Exports

    Sections

  • update.dat
  • update.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections