db1f1291dcd856cb6392a4716b04a915_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

db1f1291dcd856cb6392a4716b04a915_JaffaCakes118
Size

4.1MB
MD5

db1f1291dcd856cb6392a4716b04a915
SHA1

cec75fb29894977d4c57f98c1f9590d63ece32cc
SHA256

0b25416fe6ef4ebabe95261bfade65406ed9b09cf2697e83784e76e3a1263ca2
SHA512

677b84241f4d3c8afe280221b1c618c97be8ce58618494fd4a067413ad08398da174ae133ef3b6c18c4911f7e3a5aca65a8ff8230a6199b3898a9cab6cc0727e
SSDEEP

98304:luOu/4O5D//h77YdkDFbNjybHnRAxYt1mvjGbV/x:U95j5gEybHFtAjm5

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/新建文件夹 (3)/破解补丁/crack_for_niiduma_lc/[email protected]
unpack001/新建文件夹 (3)/破解补丁/crack_for_niiduma_lc/crack_for_niiduma_lc.exe

Files

db1f1291dcd856cb6392a4716b04a915_JaffaCakes118
.zip
新建文件夹 (3)/本体/[BBS.2DJGAME.NET]NiidumaLC.torrent
新建文件夹 (3)/破解补丁/crack_for_niiduma_lc/[email protected]
.dll windows:6 windows x86 arch:x86

df110779fec919d86da9b3bcd2616621

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
OpenThread
GetThreadContext
SetThreadContext
VirtualAlloc
VirtualProtect
GetModuleHandleA
GetModuleHandleW
GetProcAddress
SetProcessDEPPolicy
LoadLibraryA
CreateToolhelp32Snapshot
Thread32First
Thread32Next
ExitProcess
ResumeThread
CreateProcessW
VirtualAllocEx
VirtualProtectEx
ReadProcessMemory
WriteProcessMemory
K32EnumProcessModules
K32GetModuleFileNameExW
HeapDestroy
FindNextFileW
RemoveDirectoryW
GetCurrentProcessId
Sleep
SetUnhandledExceptionFilter
FindClose
CreateDirectoryW
SuspendThread
CloseHandle
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
GetCommandLineA
HeapAlloc
EncodePointer
DecodePointer
RaiseException
GetLastError
HeapFree
DeleteCriticalSection
FatalAppExitA
GetModuleHandleExW
AreFileApisANSI
MultiByteToWideChar
WideCharToMultiByte
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
IsDebuggerPresent
IsProcessorFeaturePresent
SetLastError
GetCurrentThread
GetProcessHeap
GetStdHandle
GetFileType
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
CreateEventW
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetTickCount
CreateSemaphoreW
GetModuleFileNameW
HeapReAlloc
SetConsoleCtrlHandler
FreeLibrary
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
SetStdHandle
SetFilePointerEx
WriteConsoleW
OutputDebugStringW
HeapSize
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetStringTypeW
CreateFileW
ReadFile
ReadConsoleW
InitializeCriticalSection
GetFileSize
SetFilePointer
SetEndOfFile
MoveFileExW
GetFileAttributesW
DeleteFileW
VirtualFree
CreateThread
FindFirstFileW
HeapCreate

user32

MessageBoxW
CreateWindowExA

advapi32

RegOpenKeyExW
RegOpenKeyExA

ws2_32

htonl

imm32

ImmAssociateContext

Exports

Exports

MaiDMFunc
_MmmAssociateContext@8

Sections

.text
Size: 205KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 348KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
新建文件夹 (3)/破解补丁/crack_for_niiduma_lc/core.mai
新建文件夹 (3)/破解补丁/crack_for_niiduma_lc/core2.mai
新建文件夹 (3)/破解补丁/crack_for_niiduma_lc/crack_for_niiduma_lc.exe
.exe windows:6 windows x86 arch:x86

dde790894f2065cffde76af1e3a53410

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mai@kf

MaiDMFunc

kernel32

TlsSetValue
CreateFileW
GetCommandLineA
IsDebuggerPresent
IsProcessorFeaturePresent
GetLastError
SetLastError
GetCurrentThreadId
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
WriteFile
GetModuleFileNameW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsFree
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
HeapFree
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
LoadLibraryExW
RtlUnwind
OutputDebugStringW
HeapAlloc
HeapReAlloc
GetStringTypeW
HeapSize
LCMapStringW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
WriteConsoleW
CloseHandle

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
新建文件夹 (3)/破解补丁/crack_for_niiduma_lc/imp.mai
新建文件夹 (3)/破解补丁/crack_for_niiduma_lc/imp2.mai
新建文件夹 (3)/破解补丁/crack_for_niiduma_lc/rl.mai
新建文件夹 (3)/破解补丁/crack_for_niiduma_lc/rl2.mai
新建文件夹 (3)/立绘质量提升1.01补丁/百度云.txt

Sharing

General

Malware Config

Signatures

Files

df110779fec919d86da9b3bcd2616621

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

imm32

Exports

Exports

Sections

.text Size: 205KB - Virtual size: 204KB

.rdata Size: 32KB - Virtual size: 32KB

.data Size: 5KB - Virtual size: 348KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 9KB - Virtual size: 9KB

.rmnet Size: 56KB - Virtual size: 60KB

dde790894f2065cffde76af1e3a53410

Headers

DLL Characteristics

File Characteristics

Imports

mai@kf

kernel32

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 17KB - Virtual size: 17KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 101KB - Virtual size: 101KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 205KB - Virtual size: 204KB

.rdata
Size: 32KB - Virtual size: 32KB

.data
Size: 5KB - Virtual size: 348KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 9KB - Virtual size: 9KB

.rmnet
Size: 56KB - Virtual size: 60KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 17KB - Virtual size: 17KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 101KB - Virtual size: 101KB

.reloc
Size: 3KB - Virtual size: 3KB