b5fd15bdcbbbc94b1a191a2fa2d2a2df_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b5fd15bdcbbbc94b1a191a2fa2d2a2df_JaffaCakes118
Size

126KB
MD5

b5fd15bdcbbbc94b1a191a2fa2d2a2df
SHA1

6993aea19be413a634b0cce5d7cf0c373334399a
SHA256

0388d548de7dd28244a57f0d3880bb37eef3cd9f971e65b20a437e7dd427a115
SHA512

fc19215f0a748cfb5349a0774ac7a0b89683ba569ae4a22b35d770a3f7ad4805f1df4d7f2940eb25739b6ae0528eb8f5265329a6d543395133578c2f21943f73
SSDEEP

3072:E95AvyGq/Zpc63L798kFRh1Uo0dQ0HBrPUfHay6R6FymL:E9+vs3Lh17r0bhrPGHay6IL

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Interwebz VIP Reborn [Cracked]/Interwebz_VIP_Reborn_[cracked-DBS].dll
unpack001/Interwebz VIP Reborn [Cracked]/Interwebz_VIP_Reborn_[cracked-DBS].exe

Files

b5fd15bdcbbbc94b1a191a2fa2d2a2df_JaffaCakes118
.rar
Interwebz VIP Reborn [Cracked]/Interwebz_VIP_Reborn_[cracked-DBS].dll
.dll windows:5 windows x86 arch:x86

ab68c168bd872b9260c1069a0f5fb1bb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\BACKUP\INTERWEBZ REBORN\Binary\INTERWEBZ.pdb

Imports

opengl32

glLoadIdentity
glLineWidth
glPushMatrix
glPopMatrix
glShadeModel
glVertex2f
glEnable
glColor4ub
glBlendFunc
glBegin
glDisable
glVertex2i
glEnd

kernel32

lstrcmpW
LoadLibraryA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
GetCurrentProcess
CreateFileA
GlobalFlags
GetLocaleInfoA
GetCPInfo
GetOEMCP
GetVersionExA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
HeapAlloc
GetCommandLineA
HeapFree
RtlUnwind
RaiseException
VirtualAlloc
HeapReAlloc
HeapSize
GetTimeZoneInformation
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
VirtualFree
HeapCreate
HeapDestroy
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetACP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
SetStdHandle
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
CompareStringW
SetEnvironmentVariableA
lstrcmpA
InterlockedIncrement
GetModuleHandleW
CompareStringA
GetCurrentThreadId
FormatMessageA
MultiByteToWideChar
lstrlenA
FreeLibrary
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
InterlockedDecrement
TlsFree
GlobalFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalAlloc
GlobalHandle
GlobalUnlock
GlobalReAlloc
GlobalLock
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalFree
LocalAlloc
SetLastError
GetLastError
GlobalGetAtomNameA
AddVectoredExceptionHandler
GetCurrentThread
SetThreadContext
GetThreadContext
GetProcAddress
InterlockedExchange
VirtualProtect
CreateThread
GetCurrentProcessId
CreateToolhelp32Snapshot
GetModuleFileNameA
OpenThread
DisableThreadLibraryCalls
Thread32Next
Sleep
Thread32First
ExitProcess
CloseHandle
CreateFileMappingA
MapViewOfFile
GetModuleHandleA
GetTickCount
IsBadStringPtrA

user32

PostQuitMessage
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
DestroyMenu
ClientToScreen
SetWindowTextA
RegisterWindowMessageA
LoadIconA
WinHelpA
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
IsWindow
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
GetClientRect
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetAsyncKeyState
MessageBoxA
GetWindowRect
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetWindowTextA
LoadCursorA
GetSystemMetrics
GetDC
ReleaseDC
UnhookWindowsHookEx
EnableWindow
IsWindowEnabled
GetLastActivePopup
GetWindowLongA
GetParent
SendMessageA
GetWindowThreadProcessId
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetSysColor
GetSysColorBrush
SetWindowsHookExA
CallNextHookEx
DispatchMessageA
GetKeyState
PeekMessageA
ValidateRect
GetMenuState
PostMessageA

oleacc

CreateStdAccessibleObject
LresultFromObject

gdi32

DeleteDC
GetStockObject
SaveDC
RestoreDC
SetMapMode
ExtTextOutA
DeleteObject
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetDeviceCaps
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
TextOutA
RectVisible
PtVisible

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Interwebz VIP Reborn [Cracked]/Interwebz_VIP_Reborn_[cracked-DBS].exe
.exe windows:1 windows x86 arch:x86

99ef1c5b38469bd67f019d5513ddf381

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetModuleHandleA
ExitProcess
FindResourceA
SizeofResource
LoadResource
CreateFileA
SetFilePointer
ReadFile
CloseHandle
HeapCreate
CreateThread
SetThreadPriority
WaitForSingleObject
HeapDestroy
Sleep
CreateToolhelp32Snapshot
Process32First
Process32Next
lstrcmpi
OpenProcess
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
VirtualFreeEx
GetProcAddress
GetModuleFileNameA

user32

RegisterClassA
CreateWindowExA
DefWindowProcA
GetMessageA
TranslateMessage
DispatchMessageA
LoadCursorA
LoadIconA
GetClientRect
InvalidateRect
GetDC
ReleaseDC
PostQuitMessage
MessageBeep

gdi32

ChoosePixelFormat
SetPixelFormat
SwapBuffers

opengl32

glBegin
glClear
glClearColor
glColor3f
glDepthFunc
glEnable
glEnd
glHint
glLoadIdentity
glReadPixels
glRotatef
glShadeModel
glTranslatef
glVertex3f
glViewport
wglCreateContext
wglDeleteContext
wglMakeCurrent

winmm

waveOutGetPosition
waveOutOpen
waveOutPrepareHeader
waveOutReset
waveOutUnprepareHeader
waveOutWrite
waveOutClose

Sections

.flat
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 72KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Interwebz VIP Reborn [Cracked]/Interwebz_VIP_Reborn_[cracked-DBS].nfo
Interwebz VIP Reborn [Cracked]/Settings.ini
readme.txt

Sharing

General

Malware Config

Signatures

Files

ab68c168bd872b9260c1069a0f5fb1bb

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

opengl32

kernel32

user32

oleacc

gdi32

winspool.drv

oleaut32

Sections

.text Size: 208KB - Virtual size: 207KB

.rdata Size: 37KB - Virtual size: 37KB

.data Size: 12KB - Virtual size: 82KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 31KB - Virtual size: 31KB

99ef1c5b38469bd67f019d5513ddf381

Headers

File Characteristics

Imports

kernel32

user32

gdi32

opengl32

winmm

Sections

.flat Size: 40KB - Virtual size: 40KB

.bss Size: - Virtual size: 72KB

.text
Size: 208KB - Virtual size: 207KB

.rdata
Size: 37KB - Virtual size: 37KB

.data
Size: 12KB - Virtual size: 82KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 31KB - Virtual size: 31KB

.flat
Size: 40KB - Virtual size: 40KB

.bss
Size: - Virtual size: 72KB