a3c624ea0684a529f338a186309b9883_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a3c624ea0684a529f338a186309b9883_JaffaCakes118
Size

1.7MB
MD5

a3c624ea0684a529f338a186309b9883
SHA1

5fad60faa9d4050e569e18b941e5e46043877d52
SHA256

7f3f6a4486a5c70d65bb480a5742a9c9d8248078263246d228cfad6b6cfe3b66
SHA512

e63d287d0c1b568e96159a5bf0edbea2f853dc6eebc0a442c2ec631ac64302c278cc59076d60240a3e695d57a8838c692c06dafd81a9e659b97e4b5b09bb0eb6
SSDEEP

49152:DasKFDmf/QywSNyi+/j45XELZxTHWkh5P5Kp:oxmX+SNy/MuLZxrW25w

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/sc2cracker V2/myMPQ.v7
unpack001/sc2cracker V2/sc2cracker.exe

Files

a3c624ea0684a529f338a186309b9883_JaffaCakes118
.rar
sc2cracker V2/README.txt
sc2cracker V2/myBattleC.v7
sc2cracker V2/myBattleR.v7
sc2cracker V2/myMPQ.v7
.exe windows:4 windows x86 arch:x86

667732d9512d95c7c78dd64a299d8a7c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\Ladik\Appdir\MPQEditor2\bin\Win32\ReleaseEn\MPQEditor.pdb

Imports

kernel32

SetConsoleTitleA
FreeConsole
GetFileSize
ReadFile
WideCharToMultiByte
MultiByteToWideChar
FormatMessageA
ExpandEnvironmentStringsA
GetVersionExA
FindNextChangeNotification
FindFirstChangeNotificationA
GetCurrentProcessId
Sleep
DeviceIoControl
GetDriveTypeA
GlobalReAlloc
SetLastError
RemoveDirectoryA
DeleteFileA
SetFileTime
WaitForMultipleObjects
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
UnhandledExceptionFilter
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetStringTypeW
GetStringTypeA
HeapSize
FlushFileBuffers
GetConsoleMode
GetConsoleCP
VirtualAlloc
QueryPerformanceCounter
VirtualFree
HeapCreate
AllocConsole
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
SetHandleCount
RtlUnwind
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
RaiseException
ExitThread
GetSystemTimeAsFileTime
HeapReAlloc
GetStartupInfoA
GetCommandLineA
InterlockedDecrement
GetCurrentThreadId
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
ExitProcess
GetFileType
SetStdHandle
CreateDirectoryA
FindResourceA
LoadResource
LockResource
FreeResource
OutputDebugStringA
ResetEvent
ReleaseSemaphore
CreateSemaphoreA
MoveFileA
SetEndOfFile
SetFilePointer
GetStdHandle
SetCurrentDirectoryA
GetCurrentDirectoryA
CreateProcessA
GetLocaleInfoA
GetTimeFormatA
GetDateFormatA
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
EnumSystemLocalesA
GlobalUnlock
GlobalLock
GlobalAlloc
GetFileAttributesA
OpenProcess
GetFullPathNameA
WaitForSingleObject
SetEvent
CreateEventA
GetFileTime
FindClose
FindNextFileA
FindFirstFileA
CompareFileTime
DeleteCriticalSection
WriteFile
CreateFileA
GetProcAddress
LoadLibraryA
CloseHandle
CreateThread
LeaveCriticalSection
GetTickCount
EnterCriticalSection
InitializeCriticalSection
GlobalFree
GetLastError
GetModuleHandleA
GetModuleFileNameA
HeapFree
GetProcessHeap
HeapDestroy
HeapAlloc

user32

DeleteMenu
AppendMenuA
CheckMenuItem
ClientToScreen
GetSysColor
PostQuitMessage
DestroyIcon
GetWindowPlacement
GetMenuStringA
GetMenu
GetIconInfo
LoadAcceleratorsA
DispatchMessageA
IsDialogMessageA
TranslateMessage
GetMessageA
TranslateAcceleratorA
EndDeferWindowPos
DeferWindowPos
ReleaseCapture
SetCapture
PtInRect
GetMenuItemCount
RemoveMenu
MessageBoxA
GetMenuItemInfoA
ScreenToClient
IsWindowVisible
CharUpperBuffA
SetDlgItemInt
LoadStringW
GetDlgItemTextA
GetDlgItemInt
GetCursorPos
EnableMenuItem
SetTimer
KillTimer
GetSystemMetrics
SystemParametersInfoA
SendDlgItemMessageA
EnableWindow
IsWindowEnabled
SetScrollInfo
GetScrollInfo
GetAsyncKeyState
SetDlgItemTextA
InvalidateRect
EndPaint
FillRect
BeginPaint
GetClientRect
ReleaseDC
GetDC
RegisterClassExA
LoadCursorA
GetClassInfoExA
DefWindowProcA
ShowWindow
CreateWindowExA
GetParent
IsDlgButtonChecked
DestroyMenu
PostMessageA
TrackPopupMenu
SetForegroundWindow
GetWindowRect
GetSubMenu
LoadMenuA
SetFocus
CheckDlgButton
DestroyWindow
SetWindowPos
CallWindowProcA
SetCursor
DialogBoxParamA
EndDialog
LoadImageA
LoadIconA
GetWindow
SetWindowTextA
GetWindowTextLengthA
GetDlgItem
GetWindowTextA
SetWindowLongA
GetWindowLongA
GetClassNameA
LoadStringA
SendMessageA
BeginDeferWindowPos
CreateCursor
IsWindow
MoveWindow
WindowFromPoint
DrawTextExA
MessageBeep
GetSystemMenu
DialogBoxIndirectParamA

gdi32

CreateFontIndirectA
GetObjectA
SetTextColor
TextOutA
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
CreateSolidBrush
MoveToEx
LineTo
SetTextAlign
SetBkMode
GetStockObject
GetTextMetricsA
CreateFontIndirectW
SetBkColor
GetTextExtentPoint32A
BitBlt
DeleteObject
DeleteDC
Rectangle
CreatePen

advapi32

RegOpenKeyExA
RegCloseKey
RegDeleteKeyA
RegEnumKeyA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
IsTextUnicode
RegEnumKeyExA

shell32

SHGetMalloc
SHBrowseForFolderA
ShellExecuteExA
SHGetFileInfoA
DragQueryFileA
ShellExecuteA
SHGetPathFromIDListA

ole32

RevokeDragDrop
RegisterDragDrop
OleInitialize
CoCreateInstance
ReleaseStgMedium
DoDragDrop

comctl32

PropertySheetA
ImageList_ReplaceIcon
ord17
CreatePropertySheetPageA
ImageList_Create

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

Sections

.text
Size: 396KB - Virtual size: 393KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 608KB - Virtual size: 605KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
sc2cracker V2/sc2cracker.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.sdata
Size: 512B - Virtual size: 111B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.textxc
Size: 262KB - Virtual size: 261KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 86B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

667732d9512d95c7c78dd64a299d8a7c

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

comctl32

version

comdlg32

Sections

.text Size: 396KB - Virtual size: 393KB

.rdata Size: 48KB - Virtual size: 47KB

.data Size: 20KB - Virtual size: 40KB

.rsrc Size: 608KB - Virtual size: 605KB

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.sdata Size: 512B - Virtual size: 111B

.textxc Size: 262KB - Virtual size: 261KB

.idata Size: 512B - Virtual size: 86B

.reloc Size: 512B - Virtual size: 12B

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 396KB - Virtual size: 393KB

.rdata
Size: 48KB - Virtual size: 47KB

.data
Size: 20KB - Virtual size: 40KB

.rsrc
Size: 608KB - Virtual size: 605KB

.sdata
Size: 512B - Virtual size: 111B

.textxc
Size: 262KB - Virtual size: 261KB

.idata
Size: 512B - Virtual size: 86B

.reloc
Size: 512B - Virtual size: 12B

.rsrc
Size: 28KB - Virtual size: 27KB