375d4880d0272e58962ea14fb66960f8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

375d4880d0272e58962ea14fb66960f8_JaffaCakes118
Size

183KB
MD5

375d4880d0272e58962ea14fb66960f8
SHA1

341157212609d0d4aa5d8501f731744147e642e3
SHA256

4573f54082888daa2f1dbc296913d9fa39696bbf9769b193218840f6b85bf08c
SHA512

1e7abd3182457b64977563a30bb6ac6077df7700693d20ebec61769b396ee88ea447fcdab3b0173d14d28f72f3e693df4045fe53618230f1cb2a1cbce7a0974c
SSDEEP

3072:C5p2hCVdhZlYlVK+0vPrEQqPb4p1RLVp0UnShGwFfZoGw/ZrpfihJX0b0:C5coVdylov4l4p1TpxnSA+f/8Yje0

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PlayTune.exe
unpack001/VBI_SNR.exe

Files

375d4880d0272e58962ea14fb66960f8_JaffaCakes118
.zip
Channels.ini
Freqs.ini
PlayTune.exe
.exe windows:4 windows x86 arch:x86

6d7262a957616f786de56f96417e37d0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

quartz

AMGetErrorTextA

kernel32

WideCharToMultiByte
GetCurrentProcessId
GetLastError
LCMapStringW
LCMapStringA
SetStdHandle
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
FlushFileBuffers
MultiByteToWideChar
HeapReAlloc
VirtualAlloc
SetFilePointer
WriteFile
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetFileType
GetStringTypeA
TerminateProcess
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetProcAddress
HeapAlloc
ExitProcess
CloseHandle
GetCurrentProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
HeapFree

user32

ShowWindow
CheckMenuItem
AppendMenuA
GetClientRect
wsprintfW
LoadCursorA
RegisterClassA
CreateWindowExA
DestroyWindow
SetWindowTextA
GetMessageA
MessageBoxA
DispatchMessageA
TranslateMessage
PostQuitMessage
IsIconic
CreateDialogParamA
DefWindowProcA
GetSystemMenu
GetDlgItemTextA
EndDialog

gdi32

GetStockObject

ole32

CoCreateInstance
CreateItemMoniker
GetRunningObjectTable
CoTaskMemFree
CoUninitialize
CoInitializeEx

oleaut32

OleCreatePropertyFrame
SysFreeString

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
VBI_SNR.exe
.exe windows:4 windows x86 arch:x86

a28b290679b98dd9974e22cfce87eb89

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

quartz

AMGetErrorTextA

d3d8

Direct3DCreate8

winmm

timeBeginPeriod
timeEndPeriod
timeGetTime
timeSetEvent
timeKillEvent

kernel32

GetLocaleInfoW
GetTimeZoneInformation
GetUserDefaultLCID
EnumSystemLocalesA
CompareStringA
GetLocaleInfoA
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetCurrentProcessId
GetPrivateProfileStringA
Sleep
GetTimeFormatA
GetDateFormatA
GetModuleHandleA
SetEvent
ResetEvent
WaitForMultipleObjects
GetCurrentThreadId
MulDiv
InterlockedIncrement
InterlockedDecrement
SetEnvironmentVariableA
CompareStringW
DuplicateHandle
GetCurrentProcess
WaitForSingleObject
CreateSemaphoreA
ReleaseSemaphore
GetSystemInfo
VirtualAlloc
VirtualFree
FreeLibrary
LoadLibraryA
InterlockedExchange
CreateThread
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetACP
SetThreadPriority
GetThreadPriority
GetCurrentThread
GetTickCount
GetLastError
GetVersionExA
IsProcessorFeaturePresent
CreateEventA
CloseHandle
CreateFileA
ReadFile
IsValidLocale
SetStdHandle
GetStringTypeW
GetStringTypeA
SetFilePointer
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
RaiseException
WriteFile
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
TlsGetValue
FlushFileBuffers
SetLastError
SetEndOfFile
TlsSetValue
FatalAppExitA
TlsAlloc
HeapCreate
HeapDestroy
IsBadWritePtr
GetCPInfo
GetModuleFileNameA
HeapSize
HeapReAlloc
TerminateProcess
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
HeapFree
RtlUnwind
HeapAlloc
GetOEMCP
TlsFree
SetConsoleCtrlHandler
LCMapStringA
IsValidCodePage
GetEnvironmentVariableA
LCMapStringW

user32

RegisterWindowMessageA
SetDlgItemTextA
MessageBoxA
DefWindowProcA
GetDesktopWindow
wsprintfA
wvsprintfA
MsgWaitForMultipleObjects
PeekMessageA
GetQueueStatus
PostThreadMessageA
RegisterClassExA
UpdateWindow
CreateWindowExA
ShowWindow
DispatchMessageA
GetMessageA
TranslateMessage
GetSystemMenu
AppendMenuA
GetDlgItemTextA
GetDlgItem
EndDialog
IsDlgButtonChecked
CheckRadioButton
SetWindowLongA
SetWindowPos
GetParent
SendMessageA
CallWindowProcA
IsWindowEnabled
EnableWindow
DestroyWindow
PostQuitMessage
SetWindowTextA
PostMessageA
CheckDlgButton
CreateDialogParamA
UnregisterClassA
LoadIconA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyA

shell32

ShellExecuteA

olepro32

ord250

ole32

CoTaskMemFree
CoUninitialize
CoInitialize
CoTaskMemAlloc
CoFreeUnusedLibraries
GetRunningObjectTable
CreateItemMoniker
CoCreateInstance

oleaut32

SysFreeString
SysAllocString

Sections

.text
Size: 200KB - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
VBI_SNR.ini
VBI_SNR_src/CaptureTex.dsp
VBI_SNR_src/CaptureTex.dsw
VBI_SNR_src/CaptureTex.plg
.html
VBI_SNR_src/CaptureTex.sln
VBI_SNR_src/DShowTextures.cpp
VBI_SNR_src/Kfactor.h
VBI_SNR_src/RCa00272
VBI_SNR_src/RESOURCE.H
VBI_SNR_src/TEXTURES.H
VBI_SNR_src/Textures.cpp
VBI_SNR_src/VBI_SNR.ini
VBI_SNR_src/dshowtextures.h
VBI_SNR_src/readme.txt
VBI_SNR_src/readme_rus.txt
VBI_SNR_src/resrc1.h
VBI_SNR_src/textures.aps
VBI_SNR_src/textures.rc
readme_rus.txt

Sharing

General

Malware Config

Signatures

Files

6d7262a957616f786de56f96417e37d0

Headers

File Characteristics

Imports

quartz

kernel32

user32

gdi32

ole32

oleaut32

Sections

.text Size: 32KB - Virtual size: 28KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 17KB

.rsrc Size: 4KB - Virtual size: 1KB

a28b290679b98dd9974e22cfce87eb89

Headers

File Characteristics

Imports

quartz

d3d8

winmm

kernel32

user32

advapi32

shell32

olepro32

ole32

oleaut32

Sections

.text Size: 200KB - Virtual size: 199KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 28KB - Virtual size: 33KB

.data1 Size: 4KB - Virtual size: 2KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 32KB - Virtual size: 28KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 17KB

.rsrc
Size: 4KB - Virtual size: 1KB

.text
Size: 200KB - Virtual size: 199KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 28KB - Virtual size: 33KB

.data1
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 8KB - Virtual size: 4KB