a7f7cc66e401e2d5e359d0331ac06f1f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a7f7cc66e401e2d5e359d0331ac06f1f_JaffaCakes118
Size

336KB
MD5

a7f7cc66e401e2d5e359d0331ac06f1f
SHA1

80755bf4d0c8b39b673b45b81791907e6d8b7745
SHA256

5cf4db5a05a331d0a43f4fa996d8488c3a150e07f58f6a47d31e3d4e47e6eed0
SHA512

5a6e47eb3afcb7f2434af81217b6c920babea13ff72bda54e8b1b5eca694c7431b03ad3549fbba1e3a15ebe260f19fa9224b6007b934d4e20dda535cfcffa27b
SSDEEP

6144:yXWWWCvI/c60Ykl9Mb5DhRCY9bt2FWXDwDSUj0TaFPHGKFS6i:/cQgAdmYBtEsDcSUj0TaF1FS9

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Crack/Game.dll
unpack001/Crack/crude.exe

Files

a7f7cc66e401e2d5e359d0331ac06f1f_JaffaCakes118
.rar
Crack/Game.dll
.dll windows:4 windows x86 arch:x86

f68bc402fb1f8cb52e86060b68db60fd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\gods\MegaBounce\_release\mb_game.pdb

Imports

kernel32

GetSystemInfo
VirtualProtect
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
CreateFileA
FlushFileBuffers
SetStdHandle
VirtualQuery
InterlockedExchange
LoadLibraryA
IsBadCodePtr
IsBadReadPtr
GetSystemTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetCPInfo
GetOEMCP
GetACP
LCMapStringW
LCMapStringA
GetStartupInfoA
GetFileType
FileTimeToSystemTime
DeleteFileA
MultiByteToWideChar
GetModuleFileNameA
WideCharToMultiByte
GetTickCount
CreateDirectoryA
FindFirstFileA
FindNextFileA
FindClose
GlobalSize
GlobalAlloc
GlobalReAlloc
GlobalFree
GetCurrentThread
SetThreadPriority
CloseHandle
Sleep
GetStdHandle
SetHandleCount
SetFilePointer
ReadFile
CreateProcessA
UnhandledExceptionFilter
WriteFile
GetLastError
RtlUnwind
RaiseException
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
HeapFree
HeapReAlloc
HeapAlloc
GetCommandLineA
GetVersionExA
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapSize
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetEndOfFile

user32

ClientToScreen
SetCursorPos
PostMessageA
InflateRect
GetCursorPos
IsRectEmpty
EqualRect
GetWindowRect
SetWindowLongA
GetSystemMetrics
GetWindowTextA
MessageBoxA
GetClientRect
ShowCursor
IsWindow
SetWindowPos
ShowWindow
FillRect
GetDC
ReleaseDC
InvalidateRect
GetAsyncKeyState
GetKeyState
PeekMessageA

gdi32

CreatePen
MoveToEx
LineTo
DeleteObject
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
StretchBlt
GetDeviceCaps
GetSystemPaletteEntries
CreatePalette
GetStockObject
GetObjectA
SelectPalette
RealizePalette
GetDIBits
CreateSolidBrush

shell32

SHGetSpecialFolderPathA

ole32

CoCreateInstance

ddraw

DirectDrawCreateEx

Exports

Exports

ModuleActivate
ModuleDblClk
ModuleDeactivate
ModuleFree
ModuleInit
ModuleKeyDown
ModuleKeyUp
ModuleLButtonDown
ModuleLButtonUp
ModuleMouseLeave
ModuleMouseMove
ModuleMouseWheel
ModulePaint
ModuleRButtonDown
ModuleRButtonUp
ModuleThinking

Sections

.text
Size: 384KB - Virtual size: 383KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Crack/crude.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 46KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 12B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 286KB - Virtual size: 286KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Crack/game.cfg
Crack/下载说明.htm
.html .js polyglot

Sharing

General

Malware Config

Signatures

Files

f68bc402fb1f8cb52e86060b68db60fd

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

shell32

ole32

ddraw

Exports

Exports

Sections

.text Size: 384KB - Virtual size: 383KB

.rdata Size: 88KB - Virtual size: 86KB

.data Size: 12KB - Virtual size: 17KB

.rsrc Size: 4KB - Virtual size: 840B

.reloc Size: 28KB - Virtual size: 27KB

Headers

File Characteristics

Sections

CODE Size: 129KB - Virtual size: 129KB

DATA Size: 4KB - Virtual size: 3KB

BSS Size: - Virtual size: 46KB

.idata Size: 5KB - Virtual size: 5KB

.tls Size: - Virtual size: 12B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 10KB - Virtual size: 9KB

.rsrc Size: 286KB - Virtual size: 286KB

.text
Size: 384KB - Virtual size: 383KB

.rdata
Size: 88KB - Virtual size: 86KB

.data
Size: 12KB - Virtual size: 17KB

.rsrc
Size: 4KB - Virtual size: 840B

.reloc
Size: 28KB - Virtual size: 27KB

CODE
Size: 129KB - Virtual size: 129KB

DATA
Size: 4KB - Virtual size: 3KB

BSS
Size: - Virtual size: 46KB

.idata
Size: 5KB - Virtual size: 5KB

.tls
Size: - Virtual size: 12B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 10KB - Virtual size: 9KB

.rsrc
Size: 286KB - Virtual size: 286KB