0e5bd0e5d5cf5d9631ad2ecfb8e70c03_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0e5bd0e5d5cf5d9631ad2ecfb8e70c03_JaffaCakes118
Size

6.1MB
MD5

0e5bd0e5d5cf5d9631ad2ecfb8e70c03
SHA1

cd436ab08402f324afac55e96437def93aba189f
SHA256

984dca25751a241018cd1c89ba49fb43202e9f7db5b6716ab7418df813d7d873
SHA512

0ff25df4fa7fa00638db22dc64de513997c26450a235a9c38c5880d30ebb28ad6d85511a013ee748611c583fdfe77696cd2b52b5be4da386ed011f31c80d2eb9
SSDEEP

196608:AuV9ziQLN04x279cQItsr3gL+A//OQvBfDMMJwv4:AieQx0OaSNm6/OW6V4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/NBA2K14.Crack.Only/Crack/nba2k14.exe

Files

0e5bd0e5d5cf5d9631ad2ecfb8e70c03_JaffaCakes118
.rar
NBA2K14.Crack.Only/Crack/nba2k14.exe
.exe windows:5 windows x86 arch:x86

4c175a56b94cc5b04749e03c84fad43b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

dinput8

DirectInput8Create

xinput1_3

ord2
ord4
ord3

winhttp

WinHttpOpenRequest
WinHttpSetOption
WinHttpSetStatusCallback
WinHttpSendRequest
WinHttpReadData
WinHttpCloseHandle
WinHttpConnect
WinHttpCrackUrl
WinHttpWriteData
WinHttpOpen
WinHttpQueryHeaders
WinHttpReceiveResponse

advapi32

RegCreateKeyA
RegQueryValueExW
RegOpenKeyW
RegSetValueExW
RegCreateKeyW
RegQueryValueExA
RegOpenKeyA
RegSetValueExA
RegCloseKey

crypt32

CertFreeCertificateContext
CertFindCertificateInStore
CertOpenStore
CertCloseStore

gdi32

GetDeviceCaps
GetStockObject

kernel32

RaiseException
HeapFree
HeapAlloc
GetProcessHeap
IsProcessorFeaturePresent
IsDebuggerPresent
LocalAlloc
FreeLibrary
LoadLibraryA
EncodePointer
DecodePointer
HeapSetInformation
GetStartupInfoW
UnhandledExceptionFilter
TlsAlloc
InterlockedIncrement
InterlockedDecrement
SetThreadIdealProcessor
GetCurrentThread
GetProcessAffinityMask
GetCurrentProcess
GetShortPathNameW
CreateDirectoryW
GetModuleFileNameW
GetCurrentProcessId
TerminateProcess
SetUnhandledExceptionFilter
SetErrorMode
GetLastError
CreateMutexW
CloseHandle
ReleaseMutex
GetCommandLineW
WriteFile
CreateFileA
GetCurrentThreadId
GlobalMemoryStatusEx
GetProcAddress
GetModuleHandleA
GetSystemInfo
GetNativeSystemInfo
GetVersionExA
GetTimeZoneInformation
GetEnvironmentVariableA
QueryPerformanceFrequency
GetLocaleInfoW
GlobalMemoryStatus
OutputDebugStringA
GetTickCount
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetSystemTime
GetUserDefaultLangID
GetExitCodeThread
WaitForSingleObject
SwitchToThread
Sleep
SetThreadPriority
ExitThread
SetThreadPriorityBoost
CreateThread
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
SetEvent
PulseEvent
ResetEvent
CreateEventA
InterlockedCompareExchange
FileTimeToSystemTime
GetDiskFreeSpaceExA
GetFileSizeEx
DeleteFileA
CreateDirectoryA
RemoveDirectoryA
MoveFileA
FindClose
ReadFile
GetCurrentDirectoryW
GetFullPathNameA
FindFirstFileA
FindNextFileA
SetCurrentDirectoryW
GetCommandLineA
SetEnvironmentVariableA
InterlockedExchange
InterlockedExchangeAdd
TlsGetValue
TlsSetValue
LoadLibraryA
GetProcAddress
GetLastError
FreeLibrary
InitializeCriticalSection
GetModuleFileNameW
GetModuleHandleW
TerminateProcess
GetCurrentProcess
DeleteCriticalSection
LoadLibraryW
CreateEventW
CompareStringW
SetLastError
GetModuleHandleA
VirtualProtect
GetTickCount
EnterCriticalSection
LeaveCriticalSection
VirtualFree
VirtualAlloc
WriteProcessMemory
CreateToolhelp32Snapshot
GetCurrentProcessId
GetCurrentThreadId
Thread32First
OpenThread
Thread32Next
CloseHandle
SuspendThread
ResumeThread
GetSystemInfo
LoadResource
MultiByteToWideChar
WideCharToMultiByte
FindResourceExW
FindResourceExA
GetThreadLocale
GetUserDefaultLCID
GetSystemDefaultLCID
EnumResourceNamesA
EnumResourceNamesW
EnumResourceLanguagesA
EnumResourceLanguagesW
EnumResourceTypesA
EnumResourceTypesW
HeapAlloc
HeapFree
HeapDestroy
HeapCreate
GetSystemTime
GetLocalTime
SystemTimeToFileTime
CompareFileTime
GetCommandLineA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
WriteFile
GetStdHandle
GetModuleFileNameA
RaiseException
Sleep
ExitProcess
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
RtlUnwind
HeapSize
SetFilePointer
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
VirtualQuery
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

ole32

CoCreateInstance
CoSetProxyBlanket
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoUninitialize

oleaut32

SysFreeString
SysAllocString

shell32

SHGetSpecialFolderPathW
SHGetFolderPathA

user32

LoadCursorA
GetDesktopWindow
SetWindowLongA
GetMenu
UpdateWindow
SetActiveWindow
PeekMessageA
DispatchMessageA
TranslateMessage
PostQuitMessage
ShowCursor
DefWindowProcA
GetCursorPos
GetClientRect
ScreenToClient
ShowWindow
RegisterClassA
LoadIconA
MessageBoxA
IsWindow
IsIconic
GetMessageExtraInfo
SendInput
SystemParametersInfoW
GetForegroundWindow
SendMessageA
GetDC
ReleaseDC
MessageBoxW
EnumWindows
GetWindowPlacement
SetWindowPlacement
SetForegroundWindow
GetWindowThreadProcessId
IsWindowVisible
EnumDisplayMonitors
GetMonitorInfoW
CreateWindowExA
UnregisterClassA
DestroyWindow
GetWindowLongA
GetKeyboardState
SetWindowPos
AdjustWindowRectEx
GetWindowModuleFileNameW
MessageBoxW
CharUpperBuffW

ws2_32

recvfrom
sendto
listen
accept
ioctlsocket
recv
send
shutdown
connect
socket
htonl
bind
closesocket
getsockname
ntohs
select
__WSAFDIsSet
setsockopt
WSAStartup
WSAGetLastError
WSACleanup
gethostbyname
ntohl
htons

msvcr100

floor
_vsnprintf
__control87_2
_aligned_realloc
_aligned_malloc
_msize
_heapwalk
_heapset
_aligned_free
realloc
wcsstr
swscanf
_crt_debugger_hook
_controlfp_s
_except_handler3
localeconv
malloc
free
strtod
sscanf
_byteswap_uint64
_byteswap_ulong
exit
??3@YAXPAX@Z
??2@YAPAXI@Z
pow
sin
cos
sqrt
memcpy
memcmp
memset
_purecall
_unlock
__dllonexit
_lock
_onexit
__lconv_init
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
_ismbblead
printf
_acmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_commode
_fmode
__set_app_type
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_byteswap_ushort
_invoke_watson

Exports

Exports

�8F��120��*��VS�ӦAo��LT��iDi.��v�D��-8R�-]�??�eޢl��#(FvWq�#�>��R�J�ƪE��!9�T*m��F�f�M��jk��w�b��[�O*�Pu��_�eoPx6�U)ƤU�P�/n��`�{bȎ%8$��Nu��7o* *ӑ��۸#�3 ��bC��xQ ��Ά��k��ai�[퀏��7�� P>�Uƹ��6�~I֎D4z��6Yq+��"by��5��zMɂY��̋� ��#��>5��mhq��~|�v.�Y��==��;�n�_��v��业|��I�'��a+8��r��=8�޲6&ϙ0i�.O��Yl�X\Q��d��ъ��#�lU��g0��g�]#AnO��ܹB:�H�{54�>m��>7*��d]I2�ã�Æ&��i��!Ha��'k��Ăϡ��&t�N�/��}빷r w"�o�v��?��.��G�H3S��E��|%�B�}ڬ��$>�VS�K3z� ��L��ޓRpn ��BS�,"�X�T4h�kR�q�e)f;�:�9�c6 ա��!ϷP<��~��HG"��8D��>��m@��* JمD %�(Ǡ�P��Uw�}�ݸ+�]�8�Ϯ�ä��:��h�z^�i*�+h��1W+��5'��M R�_��!ڿ��c<E<6��KG��r�0?��Z��a�n3 C��٪C\S��jd��5��o$�?6��D8l]z��L�[�|5��߂Q�ZE�v�WZ�+j;�]��3��6��ū�� fĮ?�. Y*j��9��s��[�!��׸ ��i��j��5e��4R��鍛�4�{dS��(g��}�*�2�r�Eu��M=��$R��<�1̝T%!��ۆq mgU��Cw�� &��r�Saл!�A.�wV��WL(��c7,V��F��b�hI�S��Q1|ó�K�ںSLp}+��u�Vu�du�y~��^,m9��_e�4��C`��͉��*�HP|jF�s�a��7��91]eG�� s!i�g��m�;Pw��˃;��:y�Z�II��BSy�<p�l)q�}��X5��<��3�o�H�m�^�&��L�Q^'$��ss��>[h��:2��ȸ�bg��:!�Ic��I��&�Y��MyH�QQQX��}�y��wC��]#\��=WdY� ��wLSU ��Ȟ}~x@��GՌl��B��ǭ"@��2��K��G��]��iM��6sI��s3��N�ų]��7��m��w�؎��S]+��@��85��j�ac(Đ�)��X0}�U^�owQ9�fQ�1H[�s��!��C��*U��$x�a�ht?��4�K��p��M>+#9��_Y,�ll�*�u�PsG��;�[�� 2 ��V�+b��+��Y��a��Q��G��f�s��Հ��iϤ�˫�[�ǭ�6CVO��4V�N/�!Q Se��`)7I�^{��5I��M�і�;�'tlT�?U�"�1��`0�-Gp~$,c��79,�Dr:9��_�K�1��̄��M�::��On��l'o�kW+��oy+��l�$l�:��E8��1}�.�v�JΠ�<�ȸ��'�K}��Km�L&�X'.�>�^�|H>�=��[�&持/I�:�B�j��.�V�$�j�s��I��K��&��v��ZZX�޽%��ukU�=�f��Ygf0}u�OO�V�A�|�� a(bF�3!�� X� YM4� ��h6�b�6AvT��MW��T]{��}��B:�5#��r��s��=Ņ��L�"K@"%�^�n��q��-��a��8��T��va��i�R��I"�eK!H�N�ڎ�`��Vxg� cۚ1��n3M��'�^K��bθRu}wj��I��a��T��AR�"�h��<��n]�k�t '0�}K�Ct��H[G�c�Ҋ�~�e�S��S��G)�`q��jJ��C�m�p��1��:i^�,sN#{.r(�*c�� վW�>Zl��!ga�t�I��5;�Y��m�x�^�¸��y"�|��/V��ʺ��G��2m�>@�'Q��F�t��k�q~Uvu�%[�$Ⱥ�WE��e��8��b�2^��@O~��!>'��n?��'�Xp�S�r�Z��,�k�?9�j(a��5iu��x��ρ�i<��`c1#�N B?YCN�n7fR;��;��asF߯5|�,�U/|�vvO� e��w�4��F��GaN��q��E��vbHbɤm�s8)��@�h��}��&��]^,3GjX�,&`HD��8�u�X\,��y�Sڹ�A:*��?�jLo��8цd��L��=��͟L�pYp��Ì��(W3јhhd0��K�3dc U�&��So۲�v�IQ�zwG^�܂4��k.<��B�[��K�|�ȇ�G��x(�p�~tf\z~6�Y(��IM#\�W^x�F7%V��`�,��h9��"�7�l��U+\��6l��k��wrЊ�`l�s�=Ҵ�m�gustE� �w8mDD�D��r=]E�?��u"��t�I��{r��r�>S��u��H�vHز�1�\DY�!tVTl��rD`k[�9RX�6�V�8< ��?��Dr��^7��/X4��J�,k��"%d��!�7L�V��)�c^�t��p��;�s��2;��^�� T�(�P�j��+�i�V�O紉)�:��*M�H�p�a�S?��'B�l��&VT��qZ�U�,��gr�R� �$"��D[y %�d��I*P��!vp�.�?��Jh�=�k�Ş~��=I�>a��A�MEA

Sections

.text
Size: - Virtual size: 10.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 17.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.string_
Size: - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.guids
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

3DMGAME0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.extra
Size: - Virtual size: 8KB

3DMGAME1
Size: - Virtual size: 556KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

3DMGAME2
Size: 6.2MB - Virtual size: 6.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
NBA2K14.Crack.Only/说明.txt

Sharing

General

Malware Config

Signatures

Files

4c175a56b94cc5b04749e03c84fad43b

Headers

DLL Characteristics

File Characteristics

Imports

dinput8

xinput1_3

winhttp

advapi32

crypt32

gdi32

kernel32

ole32

oleaut32

shell32

user32

ws2_32

msvcr100

Exports

Exports

Sections

.text Size: - Virtual size: 10.8MB

.rdata Size: - Virtual size: 1.2MB

.data Size: - Virtual size: 17.1MB

.string_ Size: - Virtual size: 96KB

.guids Size: - Virtual size: 4KB

3DMGAME0 Size: - Virtual size: 24KB

.extra Size: - Virtual size: 8KB

3DMGAME1 Size: - Virtual size: 556KB

.tls Size: 4KB - Virtual size: 24B

3DMGAME2 Size: 6.2MB - Virtual size: 6.2MB

.rsrc Size: 20KB - Virtual size: 17KB

.text
Size: - Virtual size: 10.8MB

.rdata
Size: - Virtual size: 1.2MB

.data
Size: - Virtual size: 17.1MB

.string_
Size: - Virtual size: 96KB

.guids
Size: - Virtual size: 4KB

3DMGAME0
Size: - Virtual size: 24KB

.extra
Size: - Virtual size: 8KB

3DMGAME1
Size: - Virtual size: 556KB

.tls
Size: 4KB - Virtual size: 24B

3DMGAME2
Size: 6.2MB - Virtual size: 6.2MB

.rsrc
Size: 20KB - Virtual size: 17KB