ffda6c0fcaf8d11c117e1e3d00dc87f7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ffda6c0fcaf8d11c117e1e3d00dc87f7_JaffaCakes118
Size

735KB
MD5

ffda6c0fcaf8d11c117e1e3d00dc87f7
SHA1

ae3b3ccc49f16adc00ca710ba293e25cf3778029
SHA256

00d4849767a11edd37e0140fe5451ab61f9d02b9029fc8cd7d9d23748fe8d30d
SHA512

876fdaff92ccfd56f3175166f481857f16f98b0c47c773568dac6fe01f2a61989e84f8d6fc5b30b2b145ee3747ca0a776e3a6df9ab0f69be847809ff36c1cae8
SSDEEP

12288:3STHHAZ4h+TKxdqblJM6drYfByYEQuX2oyaK8io4AoDbhfu7Rw9M1kRktMZbbhzH:3Un+T7M62JXEQ7oyajuJbhfew9MXtMZp

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Battlefleet Gothic Armada 2 v1.0 Plus 8 Trainer.exe
unpack001/BattlefleetGothic2.exe

Files

ffda6c0fcaf8d11c117e1e3d00dc87f7_JaffaCakes118
.zip
Battlefleet Gothic Armada 2 v1.0 Plus 8 Trainer.exe
.exe windows:6 windows x64 arch:x64

7b027a34ca40783d3d6c007df57992fe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

HeapFree
InitializeCriticalSectionEx
HeapSize
HeapReAlloc
RaiseException
HeapAlloc
DecodePointer
DeleteCriticalSection
GetProcessHeap
GetModuleHandleW
FindResourceW
SizeofResource
LoadResource
GlobalAlloc
GlobalLock
GlobalUnlock
FreeResource
LockResource
GetFileAttributesW
GetModuleFileNameW
WinExec
IsWow64Process
ResumeThread
WaitForSingleObject
GetTempPathW
CreateDirectoryW
GetPrivateProfileStringW
WritePrivateProfileStringW
WriteConsoleW
GetModuleHandleA
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
SetFilePointerEx
GetCurrentProcess
GetConsoleCP
FlushFileBuffers
GetFileType
WriteFile
GetStdHandle
ExitProcess
GetModuleHandleExW
ExitThread
RtlPcToFileHeader
RtlUnwindEx
LoadLibraryW
MapViewOfFile
CreateFileMappingW
UnmapViewOfFile
GetProcAddress
SetLastError
SetStdHandle
LoadLibraryA
Sleep
CreateFileW
GetLastError
GetCurrentProcessId
CreateEventW
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
VirtualFree
VirtualProtect
VirtualAlloc
GetVersionExW
LoadLibraryExW
FreeLibraryAndExitThread
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
CreateThread
SignalObjectAndWait
CreateTimerQueue
InitializeSListHead
GetStartupInfoW
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
ResetEvent
SetEvent
GetCPInfo
GetLocaleInfoW
LCMapStringW
CompareStringW
FreeLibrary
GetConsoleMode
CloseHandle
QueryPerformanceCounter
EncodePointer
GetTickCount
IsDebuggerPresent
OutputDebugStringW
EnterCriticalSection
LeaveCriticalSection
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW
DuplicateHandle
WaitForSingleObjectEx
SwitchToThread
GetCurrentThread
GetCurrentThreadId
TryEnterCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime

user32

TranslateMessage
DispatchMessageW
PostMessageW
GetMessageW
TranslateAcceleratorW
LoadCursorW
CreateWindowExW
SendMessageW
MessageBoxW
MessageBoxA
SystemParametersInfoW
LoadIconW
RegisterClassExW
GetSystemMetrics
SetWindowLongPtrW
ShowWindow
UpdateWindow
GetDC
GetWindowRect
UpdateLayeredWindow
ReleaseDC
GetWindowLongPtrW
DefWindowProcW
SetLayeredWindowAttributes
BeginPaint
EndPaint
PostQuitMessage
SetTimer
SetCursor
KillTimer
ReleaseCapture
MoveWindow
LoadAcceleratorsW

gdi32

DeleteDC
SelectObject
CreateDIBSection
CreateCompatibleDC
DeleteObject
CreateFontIndirectW

shell32

SHGetFolderPathW

ole32

CreateStreamOnHGlobal

gdiplus

GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipSetImageAttributesColorMatrix
GdipGetImageWidth
GdipGetImageHeight
GdipCreateTexture
GdipCreateTextureIAI
GdipSetTextureWrapMode
GdipTranslateTextureTransform
GdipFillRectangleI
GdiplusStartup
GdiplusShutdown
GdipCreateBitmapFromStream
GdipAlloc
GdipDisposeImage
GdipGetTextureImage
GdipCreateFont
GdipGetGenericFontFamilySansSerif
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipCreateSolidFill
GdipCloneStringFormat
GdipSetStringFormatFlags
GdipDeleteFont
GdipSetSolidFillColor
GdipMeasureString
GdipDrawString
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetStringFormatAlign
GdipFree
GdipCloneImage
GdipDeleteBrush
GdipCloneBrush
GdipStringFormatGetGenericTypographic

winmm

PlaySoundW
mciSendStringW

comctl32

InitCommonControlsEx
_TrackMouseEvent

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

Sections

.text
Size: 530KB - Virtual size: 529KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 443KB - Virtual size: 443KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BattlefleetGothic2.exe
.exe windows:6 windows x64 arch:x64

c4e14264a3cbcd4c37cf17998d8ac4da

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetModuleFileNameW
FormatMessageW
GetLastError
CloseHandle
CreateProcessW
GetModuleHandleW
WriteConsoleW
CreateFileW
SetFilePointerEx
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RtlUnwindEx
RtlPcToFileHeader
RaiseException
SetLastError
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleExW
HeapAlloc
HeapFree
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
GetFileType
GetStringTypeW
LCMapStringW
GetProcessHeap
HeapSize
HeapReAlloc
FlushFileBuffers
GetConsoleCP
GetConsoleMode

user32

MessageBoxW

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b027a34ca40783d3d6c007df57992fe

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

gdiplus

winmm

comctl32

version

Sections

.text Size: 530KB - Virtual size: 529KB

.rdata Size: 192KB - Virtual size: 191KB

.data Size: 13KB - Virtual size: 22KB

.pdata Size: 26KB - Virtual size: 25KB

.rsrc Size: 443KB - Virtual size: 443KB

.reloc Size: 6KB - Virtual size: 5KB

c4e14264a3cbcd4c37cf17998d8ac4da

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 58KB - Virtual size: 58KB

.rdata Size: 38KB - Virtual size: 37KB

.data Size: 3KB - Virtual size: 7KB

.pdata Size: 4KB - Virtual size: 4KB

.rsrc Size: 17KB - Virtual size: 17KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 530KB - Virtual size: 529KB

.rdata
Size: 192KB - Virtual size: 191KB

.data
Size: 13KB - Virtual size: 22KB

.pdata
Size: 26KB - Virtual size: 25KB

.rsrc
Size: 443KB - Virtual size: 443KB

.reloc
Size: 6KB - Virtual size: 5KB

.text
Size: 58KB - Virtual size: 58KB

.rdata
Size: 38KB - Virtual size: 37KB

.data
Size: 3KB - Virtual size: 7KB

.pdata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 17KB - Virtual size: 17KB

.reloc
Size: 2KB - Virtual size: 1KB