3db27ea36c7ee9e2697774632490756e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3db27ea36c7ee9e2697774632490756e_JaffaCakes118
Size

51KB
MD5

3db27ea36c7ee9e2697774632490756e
SHA1

4d6ea04b428a4f02a2b8d5ea842183cc4f75ef78
SHA256

e4cd5bd549b150630433e2468582236a1142e531d0eeac98fdc981002d223f92
SHA512

20f78dc8985164abdebd83f1e2df89e5fe3de346d84ef8add574dc1d3928abfe30591c9a7de5cde2875f9d0982ca09a11aa390be652bb19d534a5f72497836ce
SSDEEP

1536:PmWEboUUJAyW/hT1HJtJw2FibYmN8qt3nawQ:PwkE/R/vFAmYxQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/keygen.exe

Files

3db27ea36c7ee9e2697774632490756e_JaffaCakes118
.zip
keygen.nfo
vrl3dm06-2006-01-19.rar
.zip
blacklisted_3dmark06.txt
keygen.exe
.exe windows:4 windows x86 arch:x86

387e4eea4850c6ab9a4535595468f0b1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

j:\doc\reversing\keygen\Keygen_Futuremark_3DMark06_Pro_v1_0_2\Release\Keygen_Futuremark_3DMark06_Pro_v1_0_2.pdb

Imports

kernel32

lstrlenA
lstrcatA
lstrcpyA
VirtualProtect
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
ExitProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetProcAddress
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
GetACP
GetOEMCP
GetCPInfo
HeapAlloc
VirtualAlloc
HeapReAlloc
HeapSize
LCMapStringA
GetSystemInfo

user32

EndDialog
SetWindowPos
PostQuitMessage
SetDlgItemTextA
DialogBoxParamA

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
virility.nfo

Sharing

General

Malware Config

Signatures

Files

387e4eea4850c6ab9a4535595468f0b1

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

Sections

.text Size: 20KB - Virtual size: 16KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 60KB - Virtual size: 57KB

.text
Size: 20KB - Virtual size: 16KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 60KB - Virtual size: 57KB