dba70e1611eb3ff7e32729f458d33029_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dba70e1611eb3ff7e32729f458d33029_JaffaCakes118
Size

496KB
MD5

dba70e1611eb3ff7e32729f458d33029
SHA1

43db739fb7ff941d7db094e328bf74b229e7538d
SHA256

02f2596ae40a0971866bd1e79a7cce57d30706ae211744fb66d51e2825662888
SHA512

94977477ce95081dbf91c4f4c70fd5f259f936a4b4ad25f95cfa61f3ccb641fcc8ea3b096cdd01c570220eb8fe564c0483bca28d53cd19695694e4aaa58cf69a
SSDEEP

12288:b9EXXxyFEvurkEgbMIu1lSfVjEZPdnzjgi8PJqQbH3x/1U+g1:b9EnaPrdgbQ1lSfVgVdnzkFPJqQj3x/I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Dishonored 2 Promo Trainer.exe

Files

dba70e1611eb3ff7e32729f458d33029_JaffaCakes118
.rar
Dishonored 2 Trainer +15 v1.75.0.12 (Cheat Happens)/Dishonored 2 Trainer +15 v1.75.0.12 (Cheat Happens).rar
.rar
Dishonored 2 Promo Trainer.exe
.exe windows:4 windows x64 arch:x64

15c7f6f4c24af5676d635102b42efcff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcrt

memset
memmove
sprintf
strstr
strncmp
strncpy
_strnicmp
_strdup
free
fread
fclose
ftell
fseek
memcpy
log10
fopen
strcmp
strlen
strcpy
strcat
memcmp
longjmp
_setjmp
_stricmp
tolower
fmodf
fabs
ceil
malloc
floor
_errno
realloc
calloc
toupper
perror
atan
fprintf
log
ldexp
pow
qsort
exp
sqrt
cos
sin
exit
frexp
acos
memchr
modf
atof
sinf
cosf
abs

kernel32

GetModuleHandleA
HeapCreate
IsDebuggerPresent
OpenProcess
GetTickCount
ReadProcessMemory
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
WaitForSingleObject
GetExitCodeThread
VirtualFreeEx
CloseHandle
CreateToolhelp32Snapshot
Module32First
Module32Next
VirtualProtectEx
HeapDestroy
ExitProcess
GetCurrentProcess
VirtualQueryEx
GetProcAddress
GetLastError
HeapFree
TlsGetValue
HeapAlloc
TlsSetValue
TlsAlloc
WaitForMultipleObjects
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
InitializeCriticalSection
GetCurrentThread
DuplicateHandle
CreateSemaphoreA
CreateThread
ReleaseSemaphore
LoadLibraryA
CreateFileA
GetFileSize
ReadFile
Sleep
FreeLibrary
GetCurrentProcessId
GetModuleFileNameA
CreatePipe
GetStdHandle
CreateProcessA
TerminateProcess
RtlLookupFunctionEntry
RtlVirtualUnwind
RemoveVectoredExceptionHandler
AddVectoredExceptionHandler
MultiByteToWideChar
WideCharToMultiByte
GlobalLock
GlobalSize
GlobalUnlock
GlobalAlloc
GlobalFree
HeapReAlloc
GetVersionExA
QueryPerformanceFrequency
QueryPerformanceCounter
SetLastError
MulDiv
GetCurrentDirectoryA
CreateDirectoryA
GetTempPathA
SetCurrentDirectoryA
SetFileAttributesA
DeleteFileA
CopyFileA
GetDriveTypeA
FindFirstFileA
FindClose
GetFileAttributesA
WriteFile
SetFilePointer
DeleteCriticalSection
lstrlenA

user32

GetForegroundWindow
GetWindowThreadProcessId
GetKeyboardState
GetAsyncKeyState
ShowWindow
SetClassLongPtrA
RedrawWindow
GetWindowLongPtrA
WindowFromPoint
SendMessageA
FindWindowA
GetKeyNameTextA
MapVirtualKeyA
PeekMessageA
RegisterHotKey
UnregisterHotKey
CharUpperA
CharLowerA
MessageBoxA
IsWindowVisible
IsWindowEnabled
EnableWindow
EnumWindows
SetWindowPos
BeginPaint
EndPaint
DefWindowProcA
LoadIconA
RegisterClassExA
CreateWindowExA
DestroyWindow
GetWindowTextLengthA
GetWindowTextA
GetWindowRect
GetParent
MapWindowPoints
MoveWindow
InvalidateRect
SetWindowTextA
SetFocus
ScreenToClient
GetIconInfo
UpdateWindow
ReleaseCapture
DrawStateA
SetCapture
CallWindowProcA
GetSystemMetrics
SetWindowLongPtrA
GetPropA
RemovePropA
SetPropA
TranslateMessage
DispatchMessageA
SetScrollPos
GetDC
InflateRect
ReleaseDC
GetWindowDC
GetScrollPos
GetClientRect
SetScrollInfo
GetScrollRange
FillRect
LoadCursorA
GetSysColor
GetSysColorBrush
GetWindow
SetActiveWindow
UnregisterClassA
DestroyAcceleratorTable
RegisterClassA
AdjustWindowRectEx
CreateAcceleratorTableA
GetMenu
EnumChildWindows
GetFocus
PostMessageA
DefFrameProcA
GetActiveWindow
MsgWaitForMultipleObjects
GetMessageA
TranslateAcceleratorA
IsChild
GetClassNameA
GetKeyState
RegisterWindowMessageA
GetCursorPos
OpenClipboard
EmptyClipboard
CloseClipboard
SetClipboardData
DrawIconEx
DestroyIcon
CopyImage
CreateIconFromResourceEx
CreateIconFromResource

gdi32

CreatePatternBrush
GetStockObject
GetObjectType
GetObjectA
DeleteObject
ExcludeClipRect
SetTextColor
SetBkColor
SelectObject
GetTextExtentPoint32A
CreateSolidBrush
GetDeviceCaps
CreateDCA
CreateFontA
DeleteDC
SetTextAlign
CreatePen
SetPixelV
Rectangle
RoundRect
Ellipse
SetROP2
SetBkMode
SelectPalette
RealizePalette
GetDIBits
CreateCompatibleDC
SetStretchBltMode
StretchDIBits
BitBlt
StretchBlt
MoveToEx
TextOutA
CreateFontIndirectA
GetPixel
ExtFloodFill
LineTo
GetTextMetricsA
CreateCompatibleBitmap
SetDIBits
GdiSetBatchLimit
GdiGetBatchLimit
SetBrushOrgEx
CreateDIBSection
CreateBitmap
SetPixel

advapi32

OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
GetCurrentHwProfileA

ole32

CoInitialize
CreateStreamOnHGlobal
GetHGlobalFromStream
OleInitialize
RevokeDragDrop
OleCreate
OleSetContainedObject

shell32

ShellExecuteExA

winmm

timeBeginPeriod

urlmon

URLDownloadToFileA

wininet

InternetGetConnectedState

comctl32

InitCommonControlsEx

oleaut32

SysAllocStringLen
SysAllocString
SysStringLen
SysFreeString
VariantInit
DispGetParam
VariantClear

Sections

.code
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 359KB - Virtual size: 358KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 287KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
dh2175promo-readme.txt

Sharing

General

Malware Config

Signatures

Files

15c7f6f4c24af5676d635102b42efcff

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

gdi32

advapi32

ole32

shell32

winmm

urlmon

wininet

comctl32

oleaut32

Sections

.code Size: 108KB - Virtual size: 107KB

.text Size: 359KB - Virtual size: 358KB

.pdata Size: 17KB - Virtual size: 16KB

.rdata Size: 48KB - Virtual size: 48KB

.data Size: 287KB - Virtual size: 296KB

.rsrc Size: 73KB - Virtual size: 73KB

.code
Size: 108KB - Virtual size: 107KB

.text
Size: 359KB - Virtual size: 358KB

.pdata
Size: 17KB - Virtual size: 16KB

.rdata
Size: 48KB - Virtual size: 48KB

.data
Size: 287KB - Virtual size: 296KB

.rsrc
Size: 73KB - Virtual size: 73KB