bf1cde377b1b83ab0c67d4c20fe9ccbe_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bf1cde377b1b83ab0c67d4c20fe9ccbe_JaffaCakes118
Size

1.6MB
MD5

bf1cde377b1b83ab0c67d4c20fe9ccbe
SHA1

a4656157b0e8eb63d589266cc915b3a6a873bfeb
SHA256

6607e8dd1ffa13545541f4eb2815de9ee1f2d43a618d06a7c227128fce2b80bf
SHA512

f972e623b7596a1cff1d54f1246d4a3eaff3a651297c1fadd92df0b96e152d357d242e88ab0752b235d984c03fe7c119c71842d44d9a98f4117f968db668a2fa
SSDEEP

24576:isFnrIvQBr1UloQG3VXIJ/dU7UyhSXB5fzMTx1dTSmis2gOG8hVGOSKac9:jWJ67UA45sTXF2gYGw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf1cde377b1b83ab0c67d4c20fe9ccbe_JaffaCakes118

Files

bf1cde377b1b83ab0c67d4c20fe9ccbe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d3b4d2cbb79b002a6876e9df779c793f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

w:\Painkiller\Game\Bin\ObjectsRelease\PainEditor\PainEditor.pdb

Imports

engine

?OpenPack@GPack@@UAE_NPBD0@Z
?Initialize@PCFSystem@@QAEHPAUHINSTANCE__@@PBD@Z
??YString@@QAEAAV0@PBD@Z
??0PCFSystem@@QAE@XZ
?OurView@@3P6APAVView@@XZA
?OurGame@@3P6APAVEngineGame@@XZA
?GFileManAudio@@3VGFileManager@@A
?RegisterPack@GFileManager@@QAEPAVGPack@@PAV2@PBD1_N@Z
?GFileMan@@3VGFileManager@@A
??0GPack@@QAE@XZ
??1GPack@@UAE@XZ
?Tick@PhysicsEngine@@QAE_NM_N@Z
?SetMasterVolumeLevel@MilesEngine@@QAEXM@Z
?ReloadTextures@MaterialSystem@@QAEHXZ
?FloorSelection@Pathfinder@@QAEXPAUtagRECT@@H@Z
?Selection@Pathfinder@@QAEHMPAUtagRECT@@H@Z
?FloorSelection@Pathfinder2@@QAEXABVViewport@@PAUtagRECT@@_N@Z
?Selection@Pathfinder2@@QAEHAAVViewport@@MPAUtagRECT@@_N@Z
?PrepareFloors@Pathfinder@@QAEXXZ
?PrepareFloors@Pathfinder2@@QAEXXZ
?SelectUnselectWaypointsOnSelectedFloors@Pathfinder@@QAEXH@Z
?Select_OnSelectedFloors@Pathfinder2@@QAEX_N@Z
?ConnectSelected@Pathfinder@@QAEXXZ
?Selected_ConnectDisconnect@Pathfinder2@@QAEXMMHH@Z
?DisconnectSelected@Pathfinder@@QAEXXZ
?CopySelected@Pathfinder@@QAEXXZ
?Selected_Copy@Pathfinder2@@QAEXABVVector@@@Z
?RemoveSelectedFloors@Pathfinder@@QAEXXZ
?RemoveSelected@Pathfinder@@QAEXXZ
?SelectedFloors_Remove@Pathfinder2@@QAEXXZ
?Selected_Remove@Pathfinder2@@QAEXXZ
?MoveSelectedToZoneTheyreIn@Pathfinder@@QAEXXZ
?GenerateAutomaticStructures@Pathfinder2@@QAEXXZ
?ClearAutomaticStructures@Pathfinder2@@QAEXXZ
?Print@LogBuffer@@QAAXPBDZZ
?SelectWaypointsNotConnectedToAnythingInCurrentRoom@Pathfinder@@QAEXXZ
?Select_NotConnectedToAnything@Pathfinder2@@QAEXXZ
?CleanStructures@Pathfinder@@QAEXXZ
?SetSelectedAsForSmallMonstersOnly@Pathfinder@@QAEXXZ
?SetSelectedAsForAllMonsters@Pathfinder@@QAEXXZ
?InvertSelection@Pathfinder@@QAEXXZ
?Select_Invert@Pathfinder2@@QAEXXZ
?ImportFromOldPathfinder@Pathfinder2@@QAEXXZ
?GetCurrentSetFromSelected@Pathfinder2@@QAEXXZ
?MakeNewSetFromSelected@Pathfinder2@@QAEXXZ
?ExpandCurrentSet@Pathfinder2@@QAEXXZ
?ContractCurrentSet@Pathfinder2@@QAEXXZ
?ValidateSets@Pathfinder2@@QAEXXZ
?MergeSetsFromSelected@Pathfinder2@@QAEXXZ
?Selected_MoveToCurrentSet@Pathfinder2@@QAEXXZ
?Select_AllInSet@Pathfinder2@@QAEX_NG@Z
?ChangeViewLimits@Pathfinder2@@QAEX_N@Z
?ApplyUndo@Pathfinder2@@QAEXXZ
?DoFile@Script@@QAE_NPBD_N@Z
?GetFile@GPack@@UAEPAVGFile@@PAUFIdx@@@Z
?ConnectDisconnectSelected@Pathfinder@@QAEXMMHH@Z
?SelectUnselectFloorsOfAreaLowerHigherThan@Pathfinder@@QAEXHHM@Z
?Select_FloorsOfAreaLowerHigherThan@Pathfinder2@@QAEX_N0M@Z
?MergeContents@Pathfinder2@@QAE_NPBDM@Z
?LoadFloors@Pathfinder@@QAEHPBDM@Z
?LoadContents@Pathfinder@@QAEHPBDM_N@Z
?LoadFloors@Pathfinder2@@QAE_NPBDM@Z
?LoadContents@Pathfinder2@@QAE_NPBDM_N@Z
?SaveFloors@Pathfinder@@QAEHPBDM@Z
?SaveContents@Pathfinder@@QAEHPBDM@Z
?SaveFloors@Pathfinder2@@QAE_NPBDM@Z
?SaveContents@Pathfinder2@@QAE_NPBDM_N@Z
?Activate@LoadingScreen@@QAEX_NHVString@@1@Z
?Init@Script@@QAE_NXZ
?RemoveConnectionsCollidingWithGeometryInSelected@Pathfinder@@QAEXXZ
?Selected_RemoveConnectionsCollidingWithGeometry@Pathfinder2@@QAEXM@Z
?PreparePortalNodes@Pathfinder@@QAEHM@Z
?AddGridOnSelectedFloors@Pathfinder@@QAEXM@Z
?SelectedFloors_AddGrid@Pathfinder2@@QAEXM@Z
?ScaleContents@Pathfinder@@QAEXM@Z
?ScaleContents@Pathfinder2@@QAEXM@Z
?SelectWaypointsOutsideOfCurrentZone@Pathfinder@@QAEXM@Z
?LevelWaypointsWithFloors@Pathfinder@@QAEXM@Z
?SwitchToState@PCFSystem@@QAEXH@Z
?MergeWaypointsBelowDistance@Pathfinder2@@QAEXM@Z
?m_free_a16@@YAXPAX@Z
?TickEngine@PCFSystem@@QAEX_N@Z
?SwitchMenu@EngineGame@@QAEX_N@Z
??HString@@QBE?AV0@ABV0@@Z
?FindFiles@GFileManager@@QAEXPBDAAV?$DynamicArray@VString@@@@K@Z
?BaseName@String@@SA?AV1@ABV1@@Z
?Restart@ParticleEffect@@QAEXXZ
?Sprintf@String@@SA?AV1@PBDZZ
??0?$DynamicArray@D@@QAE@XZ
?GetTextInfo@SimpleProfiler@@QAE?AVString@@XZ
?GProfiler@@3VSimpleProfiler@@A
??1GFileManager@@QAE@XZ
??0GFileManager@@QAE@XZ
?m_malloc_a16@@YAPAXI@Z
?m_realloc_a16@@YAPAXPAXI@Z
??0?$DynamicArray@D@@QAE@ABV0@@Z
??1ScriptTableIterator@@QAE@XZ
?Next@ScriptTableIterator@@QAE_NXZ
?GetBool@ScriptObject@@QBE_NXZ
?GetFloat@ScriptObject@@QBEMXZ
?GetInt@ScriptObject@@QBEHXZ
?GetType@ScriptObject@@QBEHXZ
??0ScriptTableIterator@@QAE@AAVScriptObject@@_N@Z
?IsTable@ScriptObject@@QBE_NXZ
??AScriptObject@@QAE?AV0@H@Z
?GetCount@ScriptObject@@QBEHXZ
?Call@Script@@QAAXPBDH0ZZ
??0Script@@QAE@PAUlua_State@@H@Z
?GLog@@3VLogBuffer@@A
?SetCallbackFunc@LogBuffer@@QAEXP6AXPBD@Z@Z
?Close@LogBuffer@@QAEXXZ
?ErrorMessageBox@StackTracer@@SAXXZ
??1View@@UAE@XZ
?PushBool@Script@@QAEX_N@Z
?IsNil@ScriptObject@@QBE_NXZ
?Resize@?$DynamicArray@D@@QAEXH@Z
??0View@@QAE@XZ
??_7EngineGame@@6B@
??0EngineGame@@QAE@XZ
?RegisterFunction@Script@@QAEXPBDP6AHPAUlua_State@@@Z@Z
?RegisterLibrary@Script@@QAEXPBDPBUluaL_reg@@_N@Z
?GetTimeAsString@SystemDriver@@QBEPBDXZ
?Release@Script@@QAEXXZ
??0String@@QAE@PBD@Z
?StripColorInfo@HUD@@SA?AVString@@V2@@Z
??1?$DynamicArray@D@@QAE@XZ
??1String@@QAE@XZ
?PushString@Script@@QAEXPBD@Z
?GetInt@Script@@QAEHHH@Z
??1PCFSystem@@QAE@XZ
?RandomizeSets@Pathfinder2@@QAEXXZ
?GetBool@Script@@QAE_NH_N@Z
?GetString@Script@@QAEPBDHPBD@Z
?ResetTimer@SystemDriver@@QAEXXZ
??1Script@@QAE@XZ
?FullScreenHWND@GraphicsDevice@@QBEPAUHWND__@@XZ
?GEngine@@3PAVPCFSystem@@A
?DoString@Script@@QAAXPBDZZ
?GScript@@3VScript@@A
?SwitchConsole@EngineGame@@QAEXXZ
?gDemoRec@@3PAVDemoRecording2@@A
?Globals@Script@@QAE?AVScriptObject@@XZ
??AScriptObject@@QAE?AV0@PBD@Z
?GetString@ScriptObject@@QBEPBDXZ
??1ScriptObject@@QAE@XZ
?ShowMenu@EngineGame@@QAEXXZ
?EnableSets@Pathfinder2@@QAEX_N@Z
?PauseSounds@PainMenu@@QAEXXZ

kernel32

InterlockedExchange
GetACP
GetLocaleInfoA
SetStdHandle
IsBadCodePtr
IsBadReadPtr
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
SetUnhandledExceptionFilter
LCMapStringW
LCMapStringA
IsBadWritePtr
VirtualFree
HeapCreate
HeapDestroy
GetStringTypeW
GetStringTypeA
HeapSize
HeapReAlloc
GetStartupInfoA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapFree
HeapAlloc
TerminateProcess
ExitProcess
RtlUnwind
CreateThread
GetTickCount
GetThreadLocale
GetVersionExA
SizeofResource
LockResource
LoadResource
FindResourceA
WideCharToMultiByte
GetVolumeInformationA
GetDriveTypeA
GetLogicalDriveStringsA
CreateDirectoryA
Sleep
CreateProcessA
GetLastError
CreateMutexA
GetCommandLineA
SetCurrentDirectoryA
GetModuleFileNameA
MultiByteToWideChar
RaiseException
InitializeCriticalSection
DeleteCriticalSection
GetVersion
lstrcmpiA
lstrlenW
lstrlenA
LeaveCriticalSection
EnterCriticalSection
FlushInstructionCache
GetCurrentProcess
LocalFree
lstrcpynA
SetErrorMode
CreateFileA
SetEndOfFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentDirectoryA
GetOEMCP
GetCPInfo
FormatMessageA
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
InterlockedIncrement
GlobalFlags
WritePrivateProfileStringA
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
FreeResource
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcmpW
GetModuleHandleA
GetProcAddress
InterlockedDecrement
lstrcatA
WaitForSingleObject
GetCurrentThreadId
ResumeThread
SetThreadPriority
CloseHandle
SetLastError
GlobalFree
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock

user32

IsRectEmpty
DeleteMenu
GetMenuItemInfoA
GetSysColorBrush
ShowOwnedPopups
MapVirtualKeyA
GetKeyNameTextA
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
GetMenuCheckMarkDimensions
LoadMenuA
PostMessageA
SendMessageA
MessageBoxA
SetForegroundWindow
SetFocus
GetDesktopWindow
UpdateWindow
ShowWindow
GetAsyncKeyState
GetClientRect
GetWindow
EnableWindow
OffsetRect
DestroyMenu
UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
SetMenu
PostQuitMessage
WinHelpA
GetCapture
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetSystemMenu
SetParent
DestroyIcon
WindowFromPoint
GetPropA
RemovePropA
IsChild
GetLastActivePopup
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
GetDCEx
IsClipboardFormatAvailable
MessageBeep
GetParent
GetWindowRect
InvalidateRect
LoadIconA
GetWindowTextA
EnumChildWindows
IsIconic
GetForegroundWindow
ShowWindowAsync
ShowCursor
UnregisterClassA
SetCapture
LoadCursorA
SetCursor
ReleaseCapture
TrackPopupMenu
ShowScrollBar
ScreenToClient
EqualRect
DeferWindowPos
SetScrollInfo
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowTextLengthA
MoveWindow
GetDlgCtrlID
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SendDlgItemMessageA
CheckRadioButton
CheckDlgButton
UnhookWindowsHookEx
wsprintfA
AdjustWindowRectEx
RedrawWindow
SetWindowPos
TranslateAcceleratorA
TranslateMDISysAccel
CreateWindowExA
BringWindowToTop
DrawMenuBar
DefMDIChildProcA
GetMenu
DefFrameProcA
SetWindowsHookExA
CallNextHookEx
LoadBitmapA
SetTimer
IsWindowEnabled
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
PeekMessageA
GetCursorPos
ValidateRect
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
IsWindow
GetTopWindow
GetWindowLongA
SetWindowLongA
GetDlgItem
CallWindowProcA
KillTimer
GetScrollInfo
SendMessageW
GetCaretPos
RegisterWindowMessageA
GetKeyState
GetClassInfoA
GrayStringA
DrawTextExA
TabbedTextOutA
GetFocus
InflateRect
PtInRect
RegisterClassA
SetScrollPos
GetScrollPos
ReleaseDC
GetDC
DefWindowProcA
SetRect
GetSysColor
GetSystemMetrics
SetScrollRange
GetScrollRange
LockWindowUpdate
DrawFocusRect
FrameRect
FillRect
DrawTextA
CopyRect
IsWindowVisible
DestroyCursor
EnableScrollBar
IsMenu
ShowCaret
HideCaret
DrawStateA
GetIconInfo
CopyIcon
RegisterClipboardFormatA
CopyAcceleratorTableA
IsCharLowerA
MapVirtualKeyExA
GetKeyboardLayout
GetMenuDefaultItem
SetCursorPos
SetWindowRgn
CheckMenuItem

gdi32

GetDeviceCaps
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
Rectangle
Polygon
GetBkColor
SelectObject
CreateCompatibleBitmap
CreateSolidBrush
CreatePen
GetStockObject
CreateFontIndirectA
GetTextExtentPoint32A
CreateRectRgnIndirect
BitBlt
CreateCompatibleDC
GetObjectA
DeleteDC
CreatePatternBrush
SetRectRgn
CombineRgn
GetMapMode
PatBlt
DPtoLP
StretchDIBits
GetTextMetricsA
GetClipBox
SetTextColor
SetBkColor
CreateBitmap
SaveDC
RestoreDC
SetBkMode
SetMapMode
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
DeleteObject
SelectClipRgn
CreateRectRgn
EnumFontFamiliesExA
GetTextCharsetInfo
GetPixel
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetDIBits
CreateDIBSection

comdlg32

GetOpenFileNameA
GetSaveFileNameA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCloseKey

shell32

DragQueryFileA
DragFinish

comctl32

ImageList_Draw
ImageList_SetBkColor
ord17
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
_TrackMouseEvent
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_AddMasked
ImageList_Add
ImageList_GetImageCount
ImageList_GetImageInfo

shlwapi

PathFindFileNameA
PathFindExtensionA

ole32

CoDisconnectObject

oleaut32

LoadTypeLi
SysFreeString
SysStringLen
SysAllocStringByteLen
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
VariantCopy
SysAllocString

ws2_32

WSAStartup
gethostname
gethostbyname
WSACleanup

winmm

PlaySoundA

oledlg

ord1

Sections

.text
Size: 436KB - Virtual size: 432KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 124KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 776KB - Virtual size: 775KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.heb
Size: 1B - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d3b4d2cbb79b002a6876e9df779c793f

Headers

File Characteristics

PDB Paths

Imports

engine

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

ws2_32

winmm

oledlg

Sections

.text Size: 436KB - Virtual size: 432KB

.rdata Size: 124KB - Virtual size: 120KB

.data Size: 12KB - Virtual size: 28KB

.rsrc Size: 776KB - Virtual size: 775KB

.reloc Size: 88KB - Virtual size: 84KB

.heb Size: 1B - Virtual size: 1B

.text
Size: 436KB - Virtual size: 432KB

.rdata
Size: 124KB - Virtual size: 120KB

.data
Size: 12KB - Virtual size: 28KB

.rsrc
Size: 776KB - Virtual size: 775KB

.reloc
Size: 88KB - Virtual size: 84KB

.heb
Size: 1B - Virtual size: 1B