8ba8f8047917a06adc3f6d807eaf7626_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8ba8f8047917a06adc3f6d807eaf7626_JaffaCakes118
Size

1.1MB
MD5

8ba8f8047917a06adc3f6d807eaf7626
SHA1

937df687973edec3f51550cc5cab9367ab7d1d68
SHA256

a17a56a6133deb30a7b5347798b8cac8438e90695cae989a41971fe1583682ba
SHA512

b2434f2bd3acbc9b971ed43037706ccbdec3fd7122ad59ec4df7cb8f2e31d25cc10705eaceaedba8a0fe2efd6704518c844f5aa1e383fdf0e1d9f41c7213899a
SSDEEP

24576:PhtO1/DsEOLcnKpIfn/jjm0YfoGyFdg6phEACvTHdg6pj:Jtq/DsEiWf/jafotPpCvJPp

Score

3^/10

Malware Config

Signatures

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/Chams Sudden + Mado,s Injectors/Mado,s Injectors.exe
unpack001/Chams Sudden + Mado,s Injectors/UPDATE Chams Sudden Latino.dll
unpack001/Perx Wall hack S.ALatino/Perx Updated.exe
unpack001/Perx Wall hack S.ALatino/UPDATE Chams Sudden Latino.dll
unpack001/Siyanur lag hack- S.A latino/siyanur - Lag Hack.exe

Files

8ba8f8047917a06adc3f6d807eaf7626_JaffaCakes118
.rar
Chams Sudden + Mado,s Injectors/Dibujo.PNG
.png
Chams Sudden + Mado,s Injectors/Mado,s Injectors.exe
.exe windows:5 windows x86 arch:x86

0ebb3c09b06b1666d307952e824c8697

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

wextract.pdb

Imports

advapi32

FreeSid
AllocateAndInitializeSid
EqualSid
GetTokenInformation
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegQueryInfoKeyA

kernel32

LocalFree
LocalAlloc
GetLastError
GetCurrentProcess
lstrlenA
GetModuleFileNameA
GetSystemDirectoryA
_lclose
_llseek
_lopen
WritePrivateProfileStringA
GetWindowsDirectoryA
CreateDirectoryA
GetFileAttributesA
ExpandEnvironmentStringsA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
IsDBCSLeadByte
GetShortPathNameA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpiA
RemoveDirectoryA
FindClose
FindNextFileA
DeleteFileA
SetFileAttributesA
lstrcmpA
FindFirstFileA
FreeResource
GetProcAddress
LoadResource
SizeofResource
FindResourceA
lstrcatA
CloseHandle
WriteFile
SetFilePointer
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetCurrentDirectoryA
GetTempFileNameA
ExitProcess
CreateFileA
LoadLibraryExA
lstrcpynA
GetVolumeInformationA
FormatMessageA
GetCurrentDirectoryA
GetVersionExA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetTempPathA
GetSystemInfo
CreateMutexA
SetEvent
CreateEventA
CreateThread
ResetEvent
TerminateThread
GetDriveTypeA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
ReadFile
LoadLibraryA
GetDiskFreeSpaceA
MulDiv
EnumResourceLanguagesA
FreeLibrary
LockResource

gdi32

GetDeviceCaps

user32

ExitWindowsEx
wsprintfA
CharNextA
CharUpperA
CharPrevA
SetWindowLongA
GetWindowLongA
CallWindowProcA
DispatchMessageA
MsgWaitForMultipleObjects
PeekMessageA
SendMessageA
SetWindowPos
ReleaseDC
GetDC
GetWindowRect
SendDlgItemMessageA
GetDlgItem
SetForegroundWindow
SetWindowTextA
MessageBoxA
DialogBoxIndirectParamA
ShowWindow
EnableWindow
GetDlgItemTextA
EndDialog
GetDesktopWindow
MessageBeep
SetDlgItemTextA
LoadStringA
GetSystemMetrics

comctl32

ord17

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 158KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Chams Sudden + Mado,s Injectors/UPDATE Chams Sudden Latino.dll
.dll windows:5 windows x86 arch:x86

e13629fc29b9c5c6280e1b1d49f5356f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\abdul1\Documents\D-A Team BugFire\D3DDrv\Release\UKnownCheat's CF pub By sam22 aka afg.pdb

Imports

kernel32

LoadLibraryW
GetVersionExW
GetProcAddress
DisableThreadLibraryCalls
CloseHandle
CreateFileW
WriteConsoleW
SetStdHandle
SetLastError
VirtualProtect
FlushInstructionCache
GetCurrentProcess
VirtualQuery
GetCurrentThreadId
DecodePointer
GetCommandLineA
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
HeapFree
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
HeapAlloc
LCMapStringW
Sleep
ExitProcess
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
RaiseException
IsProcessorFeaturePresent
MultiByteToWideChar
GetStringTypeW
LeaveCriticalSection
EnterCriticalSection
WriteFile
GetModuleFileNameW
SetFilePointer
GetConsoleCP
GetConsoleMode
HeapReAlloc
HeapSize
FlushFileBuffers

user32

MessageBoxW
GetAsyncKeyState
EnumDisplayDevicesW

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Perx Wall hack S.ALatino/Perx Updated.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\home\documents\visual studio 2010\Projects\Injector\Injector\obj\x86\Debug\xi1njacta.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 150B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Perx Wall hack S.ALatino/UPDATE Chams Sudden Latino.dll
.dll windows:5 windows x86 arch:x86

e13629fc29b9c5c6280e1b1d49f5356f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\abdul1\Documents\D-A Team BugFire\D3DDrv\Release\UKnownCheat's CF pub By sam22 aka afg.pdb

Imports

kernel32

LoadLibraryW
GetVersionExW
GetProcAddress
DisableThreadLibraryCalls
CloseHandle
CreateFileW
WriteConsoleW
SetStdHandle
SetLastError
VirtualProtect
FlushInstructionCache
GetCurrentProcess
VirtualQuery
GetCurrentThreadId
DecodePointer
GetCommandLineA
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
HeapFree
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
HeapAlloc
LCMapStringW
Sleep
ExitProcess
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
RaiseException
IsProcessorFeaturePresent
MultiByteToWideChar
GetStringTypeW
LeaveCriticalSection
EnterCriticalSection
WriteFile
GetModuleFileNameW
SetFilePointer
GetConsoleCP
GetConsoleMode
HeapReAlloc
HeapSize
FlushFileBuffers

user32

MessageBoxW
GetAsyncKeyState
EnumDisplayDevicesW

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Siyanur lag hack- S.A latino/siyanur - Lag Hack.exe
.exe windows:1 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0ebb3c09b06b1666d307952e824c8697

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

advapi32

kernel32

gdi32

user32

comctl32

version

Sections

.text Size: 38KB - Virtual size: 38KB

.data Size: 1024B - Virtual size: 6KB

.rsrc Size: 158KB - Virtual size: 160KB

e13629fc29b9c5c6280e1b1d49f5356f

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

Sections

.text Size: 36KB - Virtual size: 35KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 6KB - Virtual size: 6KB

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 141KB - Virtual size: 140KB

.sdata Size: 512B - Virtual size: 150B

.rsrc Size: 90KB - Virtual size: 89KB

.reloc Size: 512B - Virtual size: 12B

e13629fc29b9c5c6280e1b1d49f5356f

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

Sections

.text Size: 36KB - Virtual size: 35KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 6KB - Virtual size: 6KB

Headers

DLL Characteristics

File Characteristics

Sections

CODE Size: 37KB - Virtual size: 36KB

DATA Size: 1024B - Virtual size: 588B

BSS Size: - Virtual size: 3KB

.idata Size: 2KB - Virtual size: 2KB

.tls Size: - Virtual size: 8B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: - Virtual size: 2KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 38KB - Virtual size: 38KB

.data
Size: 1024B - Virtual size: 6KB

.rsrc
Size: 158KB - Virtual size: 160KB

.text
Size: 36KB - Virtual size: 35KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 6KB - Virtual size: 6KB

.text
Size: 141KB - Virtual size: 140KB

.sdata
Size: 512B - Virtual size: 150B

.rsrc
Size: 90KB - Virtual size: 89KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 36KB - Virtual size: 35KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 6KB - Virtual size: 6KB

CODE
Size: 37KB - Virtual size: 36KB

DATA
Size: 1024B - Virtual size: 588B

BSS
Size: - Virtual size: 3KB

.idata
Size: 2KB - Virtual size: 2KB

.tls
Size: - Virtual size: 8B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: - Virtual size: 2KB

.rsrc
Size: 11KB - Virtual size: 11KB