aacc2c5f2f47cc35335e6cb94b09ae58_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

aacc2c5f2f47cc35335e6cb94b09ae58_JaffaCakes118
Size

78KB
MD5

aacc2c5f2f47cc35335e6cb94b09ae58
SHA1

0372fa054ff8af571bd038aa589b5d12973ab55d
SHA256

5c1edef8ce2ca758fec179a46098100a060bc470ffea0c4647a9bf4cfe493345
SHA512

7aa82b50d69a228c125d47aa903aad9127f764c2d02197da7a9a67bd89921b6472a0f6a8298487222d91f904d86de727e02b0247bca0520dea92f4c6c80db3d4
SSDEEP

1536:+6XLG/rvGGhk/Skg2PvaUF40P3ptFQ31Wd8Izu3PZmVGTASRczMZWfNXFl0dxbM9:+5DvGJSkBySXPZtuFWdA3PZ7jczMZWfj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Luxor.exe

Files

aacc2c5f2f47cc35335e6cb94b09ae58_JaffaCakes118
.zip
FFF.NFO
FILE_ID.DIZ
Luxor.rar
.rar
Luxor.exe
.exe windows:4 windows x86 arch:x86

ac171bffaa1bef5806315fe785b88d5d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetWindowsHookExA
CallNextHookEx
SetForegroundWindow
GetDesktopWindow
GetAsyncKeyState
DefWindowProcA
RegisterWindowMessageA
UnhookWindowsHookEx
MessageBoxA

core

?free@MemoryMgr@@QAEHHPAX@Z
?g_MemoryPtr@@3PAVMemoryMgr@@A
?GetString@Parser@@QAEPADXZ
?GetWindowWidth@Platform@@YAHXZ
?ParamEqualsInt32_2@Parser@@QAE_NPBD0PAH1@Z
?GetInt@Parser@@QAE_NPAH@Z
?GetFloat2@Parser@@QAE_NPAM0@Z
?GetEqualsToken@Parser@@QAE_NXZ
?MessageBoxA@Platform@@YAXPBD0ZZ
??0CommandLine@@QAE@XZ
?initialize@MemoryMgr@@QAEHXZ
??1CommandLine@@UAE@XZ
?addCommand@CommandLine@@QAEXPBDHH@Z
?init@CommandLine@@QAEXHPAPAD@Z
?SystemCheck@Platform@@YA_NXZ
?SetMinimized@Platform@@YAX_N@Z
?SetActive@Platform@@YAX_N@Z
?GetActive@Platform@@YA_NXZ
?RawKeyToLocalKey@Platform@@YAHH@Z
?GetAppFilePrefix@Platform@@YAPBDXZ
?SetApp@Platform@@YAXPAUHINSTANCE__@@@Z
?GetCPUInfo@@YAHXZ
?BeginTimePeriod@Platform@@YAXXZ
?EndTimePeriod@Platform@@YAXXZ
?touchMemory@MemoryMgr@@QAEXXZ
?checkMemory@MemoryMgr@@QAEHHPAI_N@Z
??0MemoryMgr@@QAE@XZ
?defineBank@MemoryMgr@@QAEHW4e_MemoryLocation@@W4e_MemoryBankType@@PBDI@Z
??1MemoryMgr@@UAE@XZ
?CreateDir@Platform@@YAHPBD@Z
?s_setLocalePath@StringTable@@SAXPBD@Z
?setLanguage@StringTable@@QAE_NPBD@Z
?SetAppState@Platform@@YAXW4e_AppState@@@Z
?Load3dSoundAPI@@YA_NPBD@Z
?sndCreateSnd3dSubsystem@@3P6GPAVsnd3dSubsystem@@XZA
?LoadGraphicsAPI@@YA_NPBD@Z
?gfxCreateGfxSubsystem@@3P6GPAVgfxSubsystem@@XZA
?GetPlatformOS@Platform@@YA?AW4e_OperatingSystem@@XZ
?LoadIconA@Platform@@YAPAUHICON__@@H@Z
?GetApp@Platform@@YAPAUHINSTANCE__@@XZ
?InitWindow@Platform@@YAPAUHWND__@@PAUHINSTANCE__@@PAU2@PBDPAUHICON__@@3HHHH_N4P6GJ1IIJ@Z@Z
?SetWindow@Platform@@YAXPAUHWND__@@@Z
?MessagePump@Platform@@YAHXZ
?GetWindow@Platform@@YAPAUHWND__@@XZ
?UnloadGraphicsAPI@@YA_NXZ
?Unload3dSoundAPI@@YA_NXZ
??1StringTable@@UAE@XZ
??0StringTable@@QAE@XZ
?mt_srand@@YAXI@Z
?GetTime@Platform@@YAIXZ
?mt_rand@@YAIXZ
?ParseLine@Parser@@QAE_NXZ
??0Parser@@QAE@PAD@Z
?alloc@MemoryMgr@@QAEPAXHIPBDI@Z
??1Parser@@UAE@XZ
?ParamEqualsBoolean@Parser@@QAE_NPBD0PA_N@Z
?ParamEqualsFloat32_2@Parser@@QAE_NPBD0PAM1@Z
?ParamEqualsFloat32@Parser@@QAE_NPBD0PAM@Z
?ParamEqualsInt32@Parser@@QAE_NPBD0PAH@Z
?ParamEqualsString@Parser@@QAE_NPBD0PADI@Z
?GetToken@Parser@@QAEPADPAD@Z
?cmdExists@CommandLine@@QAE_NPBD@Z
?GetCommandLineA@Platform@@YAPAVCommandLine@@XZ
?SpawnWebBrowser@Platform@@YAXPBD@Z
?getArgs@CommandLine@@QAE_NPBDPAHPAPAPAD@Z
?Sleep@Platform@@YAXI@Z
?GetAppVersion@Platform@@YAPBDXZ
?ReportCPUInfo@@YAXXZ
?GetAppTitle@Platform@@YAPBDXZ
?CreateAppFilename@Platform@@YAPBDPBD0@Z
?SetCommandLine@Platform@@YAXPAVCommandLine@@@Z

file

?initialize@File@@YA_N_N@Z
?loadArchive@File@@YAHPBD@Z
?registerThread@File@@YAXXZ
?unregisterThread@File@@YAXXZ
?seek@File@@YAHPAU_MjzFileType_s@@HH@Z
?open@File@@YAPAU_MjzFileType_s@@PBD0@Z
?getLength@File@@YAHPAU_MjzFileType_s@@@Z
?read@File@@YAIPAXIIPAU_MjzFileType_s@@@Z
?close@File@@YAHPAU_MjzFileType_s@@@Z
?write@File@@YAIPBXIIPAU_MjzFileType_s@@@Z
?setLocalePath@File@@YAXPBD@Z

ui2

?getType@uiVisualWidget@@UAEPBDXZ
?isType@uiVisualWidget@@UAE_NPBD@Z
?_update@uiVisualWidget@@MAEXHH@Z
?getType@uiRadioGroup@@UAEPBDXZ
?isType@uiRadioGroup@@UAE_NPBD@Z
?_render@uiProgressBar@@MAEXHH@Z
?_update@uiProgressBar@@MAEXHH@Z
?_parseParams@uiProgressBar@@MAEXPAVParser@@PAD@Z
??1uiProgressBar@@UAE@XZ
??0uiProgressBar@@QAE@XZ
?_inputEvent@uiVisualWidget@@MAE_NW4e_uiEvent@@HHH_N1@Z
?_deactivate@uiVisualWidget@@MAEXXZ
?setValue@uiProgressBar@@UAEXH_N@Z
?setValue@uiRadioGroup@@QAEXH@Z
?_parseParams@uiRadioGroup@@MAEXPAVParser@@PAD@Z
??1uiRadioGroup@@UAE@XZ
??0uiRadioGroup@@QAE@XZ
??_7uiNonVisualWidget@@6B@
?addChild@uiWidget@@QAEXPAV1@_N@Z
?_parseParams@uiVisualWidget@@MAEXPAVParser@@PAD@Z
?_releaseSprite@uiWidget@@IAEXH@Z
??0uiVisualWidget@@QAE@XZ
??1uiVisualWidget@@UAE@XZ
?testBounds@uiVisualWidget@@UAE_NHH@Z
?_inputEvent@uiRadioButton@@MAE_NW4e_uiEvent@@HHH_N1@Z
??1uiRadioButton@@UAE@XZ
??0uiRadioButton@@QAE@XZ
?_parseParams@uiRadioButton@@MAEXPAVParser@@PAD@Z
?_parseSingleFlag@uiButton@@MAEXPBD@Z
?testBounds@uiButton@@UAE_NHH@Z
?_render@uiRadioButton@@MAEXHH@Z
?_update@uiButton@@MAEXHH@Z
?_activate@uiVisualWidget@@MAEXXZ
?_deactivate@uiButton@@MAEXXZ
?_loseFocus@uiButton@@MAEXXZ
?setAlpha@uiVisualWidget@@UAEXEII_N@Z
?releaseSprite@uiVisualWidget@@UAEXXZ
?setSprite@uiVisualWidget@@UAE_NPBDHH_N@Z
?setAnim@uiVisualWidget@@UAEXH@Z
?detachFromParent@uiWidget@@QAEXXZ
?setWidgetStates@uiWidget@@QAEX_N000@Z
?g_ui@@3PAVuiSubsystem@@A
?getWidget@uiWidget@@QAEPAV1@PBDH@Z
?setFrame@uiVisualWidget@@UAEXH@Z
?getFrame@uiVisualWidget@@UAEHXZ
?getSpriteId@uiVisualWidget@@UAEHXZ
?_parseHotkey@uiButton@@MAEXPBD@Z
?_getButtonAnim@uiButton@@MBEHXZ
?_resetHover@uiButton@@MAEX_N@Z
?s_fDeltaTime@uiWidget@@2MA
?isType@uiWidget@@UAE_NPBD@Z
??1uiWidget@@UAE@XZ
?_inputEvent@uiWidget@@MAE_NW4e_uiEvent@@HHH_N1@Z
?s_getDepthValue@uiWidget@@SAHPBD@Z
??1uiTextWidget@@UAE@XZ
??1uiNonVisualWidget@@UAE@XZ
??0uiWidget@@QAE@XZ
?_getDepthValue@uiWidget@@IAEHPBD@Z
??0uiTextWidget@@QAE@XZ
?applyScriptlet@uiWidget@@UAEXPBD@Z
?_parseBoolean@uiWidget@@MAE_NPAVParser@@@Z
?_parseParams@uiTextWidget@@MAEXPAVParser@@PAD@Z
?_parseFlags@uiWidget@@MAEXPAVParser@@@Z
?_parseSingleFlag@uiWidget@@MAEXPBD@Z
?update@uiWidget@@UAEXHH@Z
?render@uiWidget@@UAEXHH@Z
?inputEvent@uiWidget@@UAE_NW4e_uiEvent@@HHH_N1@Z
?initialize@uiWidget@@UAEXXZ
?getType@uiTextWidget@@UAEPBDXZ
?isType@uiTextWidget@@UAE_NPBD@Z
?testBounds@uiWidget@@UAE_NHH@Z
?setVisible@uiWidget@@UAEX_N0@Z
?setInputFocus@uiWidget@@UAEX_N0@Z
?setActive@uiWidget@@UBE_NXZ
?setActive@uiWidget@@UAEX_N0@Z
?overrideVisible@uiWidget@@UAEX_N@Z
?overrideInputFocus@uiWidget@@UAEX_N@Z
?overrideActive@uiWidget@@UAEX_N@Z
?getVisible@uiWidget@@UBE_NXZ
?getInputFocus@uiWidget@@UBE_NXZ
?getOverrideVisible@uiWidget@@UBE_NXZ
?getOverrideInputFocus@uiWidget@@UBE_NXZ
?getOverrideActive@uiWidget@@UBE_NXZ
?getWidth@uiTextWidget@@MBEHXZ
?getHeight@uiTextWidget@@MBEHXZ
?setWidth@uiWidget@@UAEXH@Z
?setHeight@uiWidget@@UAEXH@Z
?trace@uiWidget@@UAEPAU_uiTrace_s@@HHHPBD@Z
?_playWithPan@uiWidget@@UAEPAVsnd3dHandle@@PBDIMH@Z
?_initialize@uiWidget@@MAEXXZ
?_render@uiTextWidget@@MAEXHH@Z
?_update@uiTextWidget@@MAEXHH@Z
?_inputEvent@uiTextWidget@@MAE_NW4e_uiEvent@@HHH_N1@Z
?_trace@uiWidget@@MAEPAU_uiTrace_s@@HHHPBD@Z
?_showWidget@uiWidget@@MAEXXZ
?_hideWidget@uiWidget@@MAEXXZ
?_activate@uiWidget@@MAEXXZ
?_deactivate@uiWidget@@MAEXXZ
?_gainFocus@uiWidget@@MAEXXZ
?_loseFocus@uiWidget@@MAEXXZ
?setAlpha@uiTextWidget@@UAEXEII_N@Z
?setFont@uiTextWidget@@UAE_NPBD@Z
?setJustify@uiTextWidget@@UAEXI@Z
?_print@uiTextWidget@@MAEXHPBI@Z
?_lerpToTargetAlpha@uiTextWidget@@MAEXXZ
?_parseParams@uiWidget@@MAEXPAVParser@@PAD@Z
?getType@uiNonVisualWidget@@UAEPBDXZ
?isType@uiNonVisualWidget@@UAE_NPBD@Z
?getWidth@uiWidget@@UBEHXZ
?getHeight@uiWidget@@UBEHXZ
?_render@uiNonVisualWidget@@MAEXHH@Z
?_update@uiNonVisualWidget@@MAEXHH@Z
?_inputEvent@uiNonVisualWidget@@MAE_NW4e_uiEvent@@HHH_N1@Z
?setAlpha@uiWidget@@UAEXEII_N@Z
?registerProgCb@uiWidget@@SAXP6AXPAV1@PAXW4e_uiProgressEvent@@@Z1@Z
?gfxStatistics@uiSubsystem@@QAEX_NPBD@Z
?setTopLevelWidget@uiSubsystem@@QAEXPAVuiWidget@@@Z
?assignCallbacks@uiWidget@@QAEXPAU_WidgetMap_s@@PAX@Z
?setValue@uiSliderButton@@QAEXM@Z
?getValue@uiSliderButton@@QBEMXZ
?step@uiProgressBar@@QAEXXZ
?getTextRect@uiTextWidget@@QBEXPAU_uiRect_s@@@Z
?reset@uiParticleSystem@@QAEXXZ
?setRange@uiProgressBar@@QAEXHH@Z
?setInputFocusWidget@uiSubsystem@@QAEXPAVuiWidget@@@Z
?initialize@uiSubsystem@@QAEHPAVPreferences@@@Z
??0uiSubsystem@@QAE@XZ
??1uiSubsystem@@UAE@XZ
?shutdown@uiSubsystem@@QAEHXZ
?forceTerminate@uiSubsystem@@QAEXXZ
?render@uiSubsystem@@QAEHI@Z
?defineDepth@uiWidget@@SAXPBDI@Z
?inputEvent@uiSubsystem@@QAEXW4e_uiEvent@@HHH@Z
?stop@uiParticleSystem@@QAEXXZ
?topDialog@uiSubsystem@@QAEPAVuiDialog@@XZ
?isDialogPushed@uiSubsystem@@QAE_NPAVuiDialog@@@Z
?pushDialog@uiSubsystem@@QAEXPAVuiDialog@@_N@Z
?topDialogIsIdle@uiSubsystem@@QAE_NPAVuiDialog@@@Z
?disable@uiButton@@QAEXXZ
?getText@uiTextWidget@@QAEPBIXZ
?getValue@uiRadioGroup@@QBEHXZ
?reportDialogStack@uiSubsystem@@QAEXXZ
?popDialog@uiSubsystem@@QAEXPAVuiDialog@@_N@Z
?s_registerWidget@uiSubsystem@@SAXPBDP6APAVuiWidget@@XZ@Z
?s_dynamicLoading@uiWidget@@2_NA
?print@uiTextWidget@@QAAXHPBDZZ
?loadUI@uiSubsystem@@QAEPAVuiWidget@@PBD@Z
?_render@uiVisualWidget@@MAEXHH@Z

snd3d

?initialize@snd3dSubsystem@@QAEHPAVPreferences@@PAUHWND__@@_N@Z
?setCoopLevel@snd3dSubsystem@@QAEXPAUHWND__@@_N@Z
?shutdown@snd3dSubsystem@@QAEHXZ
?update@snd3dSubsystem@@QAEXM@Z
?loadSoundLibrary@snd3dSubsystem@@QAEHPBD@Z
?setMute@snd3dSubsystem@@QAEXW4e_snd3dSoundTypes@@_N@Z
?getMasterVolume@snd3dSubsystem@@QAEMW4e_snd3dSoundTypes@@@Z
?setMasterVolume@snd3dSubsystem@@QAEXW4e_snd3dSoundTypes@@M@Z
?suspend@snd3dSubsystem@@QAEX_N@Z
?setFrequencyScale@snd3dHandle@@QAEXM@Z
?playSound@snd3dSubsystem@@QAEPAVsnd3dHandle@@W4e_snd3dSoundTypes@@PBD_N2@Z
?setLoop@snd3dHandle@@QAEX_N@Z
?stop@snd3dHandle@@QAEXXZ
?startPlaylist@snd3dSubsystem@@QAEXPBD0_N@Z
?stopPlaylist@snd3dSubsystem@@QAEX_N@Z
?g_snd3d@@3PAVsnd3dSubsystem@@A

gfx2d

?moveWindow@gfxSubsystem@@QAEXXZ
?displayChanged@gfxSubsystem@@QAEXPAUHWND__@@HHH@Z
?suspendRenderer@gfxSubsystem@@QAEX_N@Z
?defineDepthNode@gfxSubsystem@@QAEXPBDI@Z
?update@gfxSubsystem@@QAEHI@Z
?getSpriteFrameCount@gfxSubsystem@@QBEHHH@Z
?createParticleSystem@gfxSubsystem@@QAEHPBD@Z
?registerThread@gfxSubsystem@@QAEXPBD@Z
?unregisterThread@gfxSubsystem@@QAEXPBD@Z
?line@gfxSubsystem@@QAEXHHHHHMQBE@Z
?createSprite@gfxSubsystem@@QAEHPBD@Z
?getSpriteHeight@gfxSubsystem@@QBEHH@Z
?getSpriteWidth@gfxSubsystem@@QBEHH@Z
?g_gfx@@3PAVgfxSubsystem@@A
?createParticleSystemInstance@gfxSubsystem@@QAEHPBDHP6AXPAXW4e_ParticleEvents@@PAVgfxParticleSystemInstance@@H@Z1@Z
?psemit@gfxSubsystem@@QAEXHHM@Z
?blt@gfxSubsystem@@QAEXHHHHHHE@Z
?particleSystemInstanceIsDead@gfxSubsystem@@QAE_NH@Z
?particleSystemInstanceStopEmitters@gfxSubsystem@@QAEXH@Z
?blt@gfxSubsystem@@QAEXHHHHHHHHHHE@Z
?g_whiteColor@@3PAEA
?bltx_f@gfxSubsystem@@QAEXHHHMMHHQAEEM_NM1@Z
?isHardwareAccelerated@gfxSubsystem@@QBE_NXZ
?releaseParticleSystem@gfxSubsystem@@QAEXPBD@Z
?createFont@gfxSubsystem@@QAEHPBD@Z
?releaseParticleSystemInstance@gfxSubsystem@@QAEXH@Z
?updateParticleSystem@gfxSubsystem@@QAEXHHHM@Z

logger

?log@udLogger@@SAXHPBDZZ
?registerClient@udLogger@@SAHPBD@Z
?terminate@udLogger@@SAXXZ
?isVisible@udLogger@@SA_NXZ
?start@udLogger@@SAXPBD@Z
?ReportLastError@@YAXXZ
?showWindow@udLogger@@SAX_N@Z

msvcrt

sprintf
_purecall
_CIacos
strncpy
sscanf
_beginthreadex
atoi
__CxxFrameHandler
_snprintf
_stricmp
_controlfp
_onexit
__dllonexit
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
__p___argv
__p___argc
_wcslwr
fopen
fclose
_ftol

kernel32

WaitForSingleObject
ReleaseMutex
Sleep
CreateMutexA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetVersionExA
GetModuleHandleA
CloseHandle
GetStartupInfoA

crash

?InitCrashHandler@@YA_NPBD0@Z

dsetup

ord11

Sections

.text
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mydata
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ac171bffaa1bef5806315fe785b88d5d

Headers

File Characteristics

Imports

user32

core

file

ui2

snd3d

gfx2d

logger

msvcrt

kernel32

crash

dsetup

Sections

.text Size: 112KB - Virtual size: 111KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 28KB - Virtual size: 30KB

.mydata Size: 4KB - Virtual size: 4B

.rsrc Size: 24KB - Virtual size: 22KB

.text
Size: 112KB - Virtual size: 111KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 28KB - Virtual size: 30KB

.mydata
Size: 4KB - Virtual size: 4B

.rsrc
Size: 24KB - Virtual size: 22KB