3d04141e7cdf24491915d330582dd930_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3d04141e7cdf24491915d330582dd930_JaffaCakes118
Size

12.1MB
MD5

3d04141e7cdf24491915d330582dd930
SHA1

e82c2604fa6add9a7c9bd5783890cf55e3102a7a
SHA256

fef0aa6f561a1695d772b967134b883402c23af290cc4fb77ef038964bbec2c9
SHA512

043fec556acf867659bdcdaa2d7f22eff0a11c943209d124024dbedecb875fe7942798ec8c69ce8daf5f91199757d8be60303781a30f6b2cb26ca4298c75b0c6
SSDEEP

196608:2S0HenuMTHgnxo2lK33mTlIILlnTO0OQ/A1/eRGoXsvoRyW/7rL7WU8SF:L0eu6Yu3WBVlqEUWRwwRx/b738+

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/NBA2K14.Crack.Only-RELOADED/Crack/nba2k14.exe
unpack001/NBA2K14.Crack.Only-RELOADED/Crack/rld.dll

Files

3d04141e7cdf24491915d330582dd930_JaffaCakes118
.rar
NBA2K14.Crack.Only-RELOADED/Crack/nba2k14.exe
.exe windows:5 windows x86 arch:x86

5aca7c0c8e594394af8deef5a500639f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\vcout\vcsports\full\default\bin\win32dx\nba\nba_clean_opt.exe.pdb

Imports

dinput8

DirectInput8Create

xinput1_3

ord2
ord4
ord3

winhttp

WinHttpOpenRequest
WinHttpSetOption
WinHttpSetStatusCallback
WinHttpSendRequest
WinHttpReadData
WinHttpCloseHandle
WinHttpConnect
WinHttpCrackUrl
WinHttpWriteData
WinHttpOpen
WinHttpQueryHeaders
WinHttpReceiveResponse

advapi32

RegCreateKeyA
RegQueryValueExW
RegOpenKeyW
RegSetValueExW
RegCreateKeyW
RegQueryValueExA
RegOpenKeyA
RegSetValueExA
RegCloseKey

crypt32

CertFreeCertificateContext
CertFindCertificateInStore
CertOpenStore
CertCloseStore

gdi32

GetDeviceCaps
GetStockObject

kernel32

RaiseException
HeapFree
HeapAlloc
GetProcessHeap
IsProcessorFeaturePresent
IsDebuggerPresent
LocalAlloc
FreeLibrary
LoadLibraryA
EncodePointer
DecodePointer
HeapSetInformation
GetStartupInfoW
UnhandledExceptionFilter
TlsAlloc
InterlockedIncrement
InterlockedDecrement
SetThreadIdealProcessor
GetCurrentThread
GetProcessAffinityMask
GetCurrentProcess
GetShortPathNameW
CreateDirectoryW
GetModuleFileNameW
GetCurrentProcessId
TerminateProcess
SetUnhandledExceptionFilter
SetErrorMode
GetLastError
CreateMutexW
CloseHandle
ReleaseMutex
GetCommandLineW
WriteFile
CreateFileA
GetCurrentThreadId
GlobalMemoryStatusEx
GetProcAddress
GetModuleHandleA
GetSystemInfo
GetNativeSystemInfo
GetVersionExA
GetTimeZoneInformation
GetEnvironmentVariableA
QueryPerformanceFrequency
GetLocaleInfoW
GlobalMemoryStatus
OutputDebugStringA
GetTickCount
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetSystemTime
GetUserDefaultLangID
GetExitCodeThread
WaitForSingleObject
SwitchToThread
Sleep
SetThreadPriority
ExitThread
SetThreadPriorityBoost
CreateThread
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
SetEvent
PulseEvent
ResetEvent
CreateEventA
InterlockedCompareExchange
FileTimeToSystemTime
GetDiskFreeSpaceExA
GetFileSizeEx
DeleteFileA
CreateDirectoryA
RemoveDirectoryA
MoveFileA
FindClose
ReadFile
GetCurrentDirectoryW
GetFullPathNameA
FindFirstFileA
FindNextFileA
SetCurrentDirectoryW
GetCommandLineA
SetEnvironmentVariableA
InterlockedExchange
InterlockedExchangeAdd
TlsGetValue
TlsSetValue

ole32

CoCreateInstance
CoSetProxyBlanket
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoUninitialize

oleaut32

SysFreeString
SysAllocString

shell32

SHGetSpecialFolderPathW
SHGetFolderPathA

user32

LoadCursorA
GetDesktopWindow
SetWindowLongA
GetMenu
UpdateWindow
SetActiveWindow
PeekMessageA
DispatchMessageA
TranslateMessage
PostQuitMessage
ShowCursor
DefWindowProcA
GetCursorPos
GetClientRect
ScreenToClient
ShowWindow
RegisterClassA
LoadIconA
MessageBoxA
IsWindow
IsIconic
GetMessageExtraInfo
SendInput
SystemParametersInfoW
GetForegroundWindow
SendMessageA
GetDC
ReleaseDC
MessageBoxW
EnumWindows
GetWindowPlacement
SetWindowPlacement
SetForegroundWindow
GetWindowThreadProcessId
IsWindowVisible
EnumDisplayMonitors
GetMonitorInfoW
CreateWindowExA
UnregisterClassA
DestroyWindow
GetWindowLongA
GetKeyboardState
SetWindowPos
AdjustWindowRectEx
GetWindowModuleFileNameW

ws2_32

recvfrom
sendto
listen
accept
ioctlsocket
recv
send
shutdown
connect
socket
htonl
bind
closesocket
getsockname
ntohs
select
__WSAFDIsSet
setsockopt
WSAStartup
WSAGetLastError
WSACleanup
gethostbyname
ntohl
htons

msvcr100

floor
_vsnprintf
__control87_2
_aligned_realloc
_aligned_malloc
_msize
_heapwalk
_heapset
_aligned_free
realloc
wcsstr
swscanf
_crt_debugger_hook
_controlfp_s
_except_handler3
localeconv
malloc
free
strtod
sscanf
_byteswap_uint64
_byteswap_ulong
exit
??3@YAXPAX@Z
??2@YAPAXI@Z
pow
sin
cos
sqrt
memcpy
memcmp
memset
_purecall
_unlock
__dllonexit
_lock
_onexit
__lconv_init
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
_ismbblead
printf
_acmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_commode
_fmode
__set_app_type
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_byteswap_ushort
_invoke_watson

Sections

.text
Size: 10.8MB - Virtual size: 10.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4.4MB - Virtual size: 17.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.string_
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.guids
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.VFDzwqP
Size: 214KB - Virtual size: 214KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
NBA2K14.Crack.Only-RELOADED/Crack/rld.dll
.dll windows:5 windows x86 arch:x86

3a5c58d4c4504f7ac67883a39d402133

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualProtect
CreateFileA
lstrlenA
WideCharToMultiByte
ReadFile
CreateFileW
lstrlenW
CloseHandle
lstrcpyA
SetFilePointer
VirtualFree
lstrcatA
MultiByteToWideChar
CreateDirectoryA
GetLastError
SetLastError
VirtualAlloc
GetTempPathA
lstrcpynA
GetCurrentProcess
QueryPerformanceCounter
SetEnvironmentVariableA
GetModuleHandleA
QueryPerformanceFrequency
GetCurrentProcessId
CreateEventA
ExitProcess
lstrcmpiA
lstrcmpiW
GetThreadContext
lstrcmpA
SetThreadContext
TerminateProcess
VirtualAllocEx
ResumeThread
FreeLibrary
HeapAlloc
HeapCreate
LoadLibraryA
GetFileSize
SetEndOfFile
CompareFileTime
UnlockFile
SetEvent
LockFile
GetTickCount
WriteFile
GetProcessTimes
VirtualFreeEx
ReadProcessMemory
GetFileAttributesA
GetFileAttributesW
ExitThread
FlushFileBuffers
OpenEventA
WaitForMultipleObjects
GetFileTime
GetCurrentThreadId
WriteProcessMemory
CreateThread
SetStdHandle
HeapFree
AddVectoredExceptionHandler
GetModuleFileNameA
GetProcAddress

user32

GetMessageA
SetTimer
CharLowerA
wsprintfA
RegisterClassExA
PostQuitMessage
KillTimer
SendMessageA
SetWindowLongA
UnregisterClassA
GetWindowLongA
CreateWindowExA
DefWindowProcA
IsWindow
DispatchMessageA
MessageBoxA

advapi32

OpenProcessToken

userenv

GetUserProfileDirectoryA

Exports

Exports

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RLD0
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.RLD1
Size: 355KB - Virtual size: 355KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NBA2K14.Crack.Only-RELOADED/reloaded.nfo
NBA2K14.Crack.Only-RELOADED/下载说明.txt

Sharing

General

Malware Config

Signatures

Files

5aca7c0c8e594394af8deef5a500639f

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

dinput8

xinput1_3

winhttp

advapi32

crypt32

gdi32

kernel32

ole32

oleaut32

shell32

user32

ws2_32

msvcr100

Sections

.text Size: 10.8MB - Virtual size: 10.8MB

.rdata Size: 1.2MB - Virtual size: 1.2MB

.data Size: 4.4MB - Virtual size: 17.1MB

.string_ Size: 92KB - Virtual size: 92KB

.guids Size: 512B - Virtual size: 16B

.rsrc Size: 21KB - Virtual size: 21KB

.VFDzwqP Size: 214KB - Virtual size: 214KB

3a5c58d4c4504f7ac67883a39d402133

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

userenv

Exports

Exports

Sections

.text Size: 64KB - Virtual size: 63KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 2KB - Virtual size: 1KB

.RLD0 Size: 2KB - Virtual size: 2KB

.RLD1 Size: 355KB - Virtual size: 355KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 10.8MB - Virtual size: 10.8MB

.rdata
Size: 1.2MB - Virtual size: 1.2MB

.data
Size: 4.4MB - Virtual size: 17.1MB

.string_
Size: 92KB - Virtual size: 92KB

.guids
Size: 512B - Virtual size: 16B

.rsrc
Size: 21KB - Virtual size: 21KB

.VFDzwqP
Size: 214KB - Virtual size: 214KB

.text
Size: 64KB - Virtual size: 63KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 2KB - Virtual size: 1KB

.RLD0
Size: 2KB - Virtual size: 2KB

.RLD1
Size: 355KB - Virtual size: 355KB

.reloc
Size: 1KB - Virtual size: 1KB