c04086799bc3d103a12f677e8719f591_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c04086799bc3d103a12f677e8719f591_JaffaCakes118
Size

2.1MB
MD5

c04086799bc3d103a12f677e8719f591
SHA1

fcdf5486b23c2da72b24276ff8febd25f7f5bf11
SHA256

6f858a1399acdb22a6422b0b249118a72c8332c7339e97d62930a756a0c713dc
SHA512

f8f90416bcdf80441ce4f8807dfb9138f5b7c7c04a7de3904e233f9fd7aab5b2463051e8126a5f623593121b79f84ae89260673849a8ee085b18013192c31418
SSDEEP

49152:nfV5lbMhbzpglBPz/w2Db9HiVu25TpwHB6o5g/BrND:fRghXpkFz/59bYpwr5CrZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Game.exe

Files

c04086799bc3d103a12f677e8719f591_JaffaCakes118
.zip
Game.exe
.exe windows:6 windows x86 arch:x86

b34eb3393f82312acc67a41e515a548d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Archivos de Source\Source PTL OFICIAL\SrcGame\src\Release\Game.pdb

Imports

dsound

ord1

kernel32

GetPrivateProfileIntA
GetPrivateProfileStringA
CreateDirectoryA
WriteFile
OutputDebugStringA
GetCurrentDirectoryA
CreateProcessA
WritePrivateProfileStringA
SetFilePointer
VirtualProtect
VirtualQuery
GlobalAlloc
GetTickCount64
GetComputerNameA
SuspendThread
ResumeThread
CopyFileA
WaitForSingleObject
SetThreadPriority
TerminateThread
GetExitCodeThread
_lopen
_lcreat
_lread
_lwrite
_lclose
CompareFileTime
GlobalUnlock
GlobalLock
GlobalHandle
GlobalFree
MultiByteToWideChar
WideCharToMultiByte
IsDBCSLeadByte
LocalAlloc
LocalFree
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
TerminateProcess
GetVersionExA
SetEndOfFile
HeapSize
CreateFileW
SetStdHandle
OutputDebugStringW
SetConsoleCtrlHandler
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
CreateThread
FindNextFileW
FindFirstFileExW
FindClose
HeapReAlloc
ReadConsoleW
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetFileType
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
HeapAlloc
HeapFree
GetStdHandle
GetModuleFileNameW
GetModuleHandleExW
LoadLibraryExW
FreeLibrary
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
RaiseException
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SwitchToThread
SetLastError
DecodePointer
EncodePointer
FormatMessageW
GetLastError
InitializeSListHead
GetSystemTimeAsFileTime
ExitProcess
GetFileSize
ReadFile
FindFirstFileA
lstrcmpiA
lstrcmpA
lstrcatA
ExitThread
GetCurrentThread
Sleep
Module32Next
Module32First
Thread32Next
Thread32First
GetCurrentProcessId
GetCurrentProcess
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
QueryPerformanceCounter
WriteConsoleW
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
InitializeCriticalSectionAndSpinCount
CreateToolhelp32Snapshot
lstrlenA
lstrcpyA
lstrcpynA
LoadLibraryA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
FreeLibraryAndExitThread
GetTickCount
OpenThread
FindNextFileA
GetTimeZoneInformation
InitializeCriticalSection
DuplicateHandle
CloseHandle
IsDebuggerPresent
GetLocalTime
DeleteFileA
CreateFileA
GetCurrentThreadId
IsValidCodePage

user32

SetMenu
LoadMenuA
CheckMenuItem
EnableMenuItem
SetForegroundWindow
CreateMenu
GetMenu
LoadIconA
DestroyIcon
SetWindowPos
GetAsyncKeyState
AdjustWindowRect
SetWindowLongA
CharToOemA
OemToCharA
CharUpperA
GetWindowTextA
FindWindowA
GetSystemMetrics
wsprintfA
CharLowerA
EnumWindows
GetClassNameA
GetDC
ReleaseDC
SetWindowTextA
GetClientRect
ClientToScreen
OffsetRect
SendMessageA
GetKeyState
MessageBoxA
LoadKeyboardLayoutA
GetKeyboardLayoutNameA
TranslateMessage
DispatchMessageA
PeekMessageA
DefWindowProcA
PostQuitMessage
PostMessageA
CallWindowProcA
SetFocus
GetForegroundWindow
AdjustWindowRectEx
ShowCursor
GetWindowLongA
SetTimer
GetWindow
RegisterClassA
CreateWindowExA
DestroyWindow
ShowWindow
CreateDialogParamA
GetDlgItem
WaitMessage
UpdateWindow
LoadCursorA

gdi32

CreateCompatibleBitmap
CreateCompatibleDC
CreateDCA
DeleteDC
DeleteObject
GetDIBits
SelectObject
GetObjectA
GetStockObject
SetTextColor
GetTextColor
CreateSolidBrush
BitBlt

advapi32

RegCloseKey
RegCreateKeyExA
RegDeleteValueA
RegOpenKeyA

shell32

ShellExecuteA
Shell_NotifyIconA

ole32

CoCreateInstance
CoUninitialize
CoInitialize

d3d9

Direct3DCreate9

d3dx9_43

D3DXCreateFontA
D3DXCreateTextureFromFileInMemoryEx
D3DXGetImageInfoFromFileInMemory

winmm

mmioClose
timeBeginPeriod
mmioWrite
mmioGetInfo
mmioSetInfo
mmioOpenA
timeEndPeriod
timeKillEvent
mixerGetControlDetailsA
timeSetEvent
timeGetTime
mmioRead
mmioAdvance
mmioDescend
mmioAscend
mmioCreateChunk
mixerGetDevCapsA
mixerOpen
mixerClose
mixerGetLineInfoA
mixerGetLineControlsA
mixerSetControlDetails
mmioSeek

shlwapi

PathFileExistsA

msvfw32

ICDecompress
ICSendMessage
ICClose
ICLocate

avifil32

AVIStreamInfoA
AVIStreamOpenFromFileA
AVIStreamRelease
AVIStreamRead
AVIFileExit
AVIStreamLength
AVIStreamReadFormat
AVIFileInit

wininet

InternetOpenUrlA
InternetCloseHandle
InternetReadFile
HttpQueryInfoA
InternetOpenA

iphlpapi

GetAdaptersInfo

wsock32

closesocket
ioctlsocket
WSACleanup
accept
bind
connect
inet_ntoa
htons
inet_addr
select
__WSAFDIsSet
WSAAsyncSelect
WSAGetLastError
WSAStartup
gethostname
gethostbyname
socket
setsockopt
send
recv
listen

imm32

ImmSetOpenStatus
ImmSetConversionStatus
ImmGetConversionStatus
ImmGetCandidateListA
ImmGetDescriptionA
ImmGetCompositionStringA
ImmReleaseContext
ImmGetContext
ImmGetProperty
ImmGetCandidateListCountA

Sections

.text
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 522KB - Virtual size: 521KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.2MB - Virtual size: 97.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b34eb3393f82312acc67a41e515a548d

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

dsound

kernel32

user32

gdi32

advapi32

shell32

ole32

d3d9

d3dx9_43

winmm

shlwapi

msvfw32

avifil32

wininet

iphlpapi

wsock32

imm32

Sections

.text Size: 2.9MB - Virtual size: 2.9MB

.rdata Size: 522KB - Virtual size: 521KB

.data Size: 1.2MB - Virtual size: 97.9MB

_RDATA Size: 2KB - Virtual size: 1KB

.rsrc Size: 1.4MB - Virtual size: 1.4MB

.text
Size: 2.9MB - Virtual size: 2.9MB

.rdata
Size: 522KB - Virtual size: 521KB

.data
Size: 1.2MB - Virtual size: 97.9MB

_RDATA
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 1.4MB - Virtual size: 1.4MB