62cf53c4f89e48cd765f8a3506b679ea_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

62cf53c4f89e48cd765f8a3506b679ea_JaffaCakes118
Size

2.0MB
MD5

62cf53c4f89e48cd765f8a3506b679ea
SHA1

c67368dfa29f4e7b60d88a3220eff30560b59c8c
SHA256

23d1a182713c1955a6155e0a9b78094cabd99c25c3de939c19cf20c38db396b8
SHA512

c5e1d92e46227cfae5e6af8a890accb642e9ef8d7e34fed25aa701d81dd2ddbaecedb2cc8ac99fedac76eae12f900910819887354a97545514778b44b15cffd3
SSDEEP

49152:lceele+gYeH4Mfrj45Upwod9tzqB9oSFVYkGkEsevLwsDeX:luEYSyA5t2B9o8RGgev36X

Score

7^/10

upx aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/RadioBox/oggenc.exe	aspack_v212_v242

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/RadioBox/RadioBox.exe	upx

Unsigned PE 7 IoCs

Checks for missing Authenticode signature.

resource
unpack001/RadioBox/RadioBox.exe
unpack001/RadioBox/bass.dll
unpack001/RadioBox/bass_aac.dll
unpack001/RadioBox/bassenc.dll
unpack001/RadioBox/basswma.dll
unpack001/RadioBox/lame.exe
unpack001/RadioBox/oggenc.exe

Files

62cf53c4f89e48cd765f8a3506b679ea_JaffaCakes118
.7z
RadioBox/RadioBox.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 384KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 134KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
RadioBox/Setting/EQPresets.ini
RadioBox/Setting/Favorites.ini
RadioBox/Setting/RunJob.ini
RadioBox/Setting/Setting.ini
RadioBox/Setting/Uao.txt
RadioBox/bass.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

BASS_Apply3D
BASS_ChannelBytes2Seconds
BASS_ChannelFlags
BASS_ChannelGet3DAttributes
BASS_ChannelGet3DPosition
BASS_ChannelGetAttribute
BASS_ChannelGetData
BASS_ChannelGetDevice
BASS_ChannelGetInfo
BASS_ChannelGetLength
BASS_ChannelGetLevel
BASS_ChannelGetPosition
BASS_ChannelGetTags
BASS_ChannelIsActive
BASS_ChannelIsSliding
BASS_ChannelLock
BASS_ChannelPause
BASS_ChannelPlay
BASS_ChannelRemoveDSP
BASS_ChannelRemoveFX
BASS_ChannelRemoveLink
BASS_ChannelRemoveSync
BASS_ChannelSeconds2Bytes
BASS_ChannelSet3DAttributes
BASS_ChannelSet3DPosition
BASS_ChannelSetAttribute
BASS_ChannelSetDSP
BASS_ChannelSetDevice
BASS_ChannelSetFX
BASS_ChannelSetLink
BASS_ChannelSetPosition
BASS_ChannelSetSync
BASS_ChannelSlideAttribute
BASS_ChannelStop
BASS_ChannelUpdate
BASS_ErrorGetCode
BASS_FXGetParameters
BASS_FXReset
BASS_FXSetParameters
BASS_Free
BASS_Get3DFactors
BASS_Get3DPosition
BASS_GetCPU
BASS_GetConfig
BASS_GetConfigPtr
BASS_GetDSoundObject
BASS_GetDevice
BASS_GetDeviceInfo
BASS_GetEAXParameters
BASS_GetInfo
BASS_GetVersion
BASS_GetVolume
BASS_Init
BASS_MusicFree
BASS_MusicLoad
BASS_Pause
BASS_PluginFree
BASS_PluginGetInfo
BASS_PluginLoad
BASS_RecordFree
BASS_RecordGetDevice
BASS_RecordGetDeviceInfo
BASS_RecordGetInfo
BASS_RecordGetInput
BASS_RecordGetInputName
BASS_RecordInit
BASS_RecordSetDevice
BASS_RecordSetInput
BASS_RecordStart
BASS_SampleCreate
BASS_SampleFree
BASS_SampleGetChannel
BASS_SampleGetChannels
BASS_SampleGetData
BASS_SampleGetInfo
BASS_SampleLoad
BASS_SampleSetData
BASS_SampleSetInfo
BASS_SampleStop
BASS_Set3DFactors
BASS_Set3DPosition
BASS_SetConfig
BASS_SetConfigPtr
BASS_SetDevice
BASS_SetEAXParameters
BASS_SetVolume
BASS_Start
BASS_Stop
BASS_StreamCreate
BASS_StreamCreateFile
BASS_StreamCreateFileUser
BASS_StreamCreateURL
BASS_StreamFree
BASS_StreamGetFilePosition
BASS_StreamPutData
BASS_StreamPutFileData
BASS_Update
_

Sections

Size: 98KB - Virtual size: 384KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 568B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
RadioBox/bass_aac.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

BASS_AAC_StreamCreateFile
BASS_AAC_StreamCreateFileUser
BASS_AAC_StreamCreateURL
BASS_MP4_StreamCreateFile
BASS_MP4_StreamCreateFileUser
BASSplugin

Sections

Size: 145KB - Virtual size: 252KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 728B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
RadioBox/bassenc.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

BASS_Encode_AddChunk
BASS_Encode_CastGetStats
BASS_Encode_CastInit
BASS_Encode_CastSendMeta
BASS_Encode_CastSetTitle
BASS_Encode_GetACMFormat
BASS_Encode_GetChannel
BASS_Encode_GetCount
BASS_Encode_GetVersion
BASS_Encode_IsActive
BASS_Encode_ServerInit
BASS_Encode_ServerKick
BASS_Encode_SetChannel
BASS_Encode_SetNotify
BASS_Encode_SetPaused
BASS_Encode_Start
BASS_Encode_StartACM
BASS_Encode_StartACMFile
BASS_Encode_StartLimit
BASS_Encode_Stop
BASS_Encode_StopEx
BASS_Encode_Write

Sections

Size: 13KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 576B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
RadioBox/basswma.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

BASS_WMA_EncodeClose
BASS_WMA_EncodeGetClients
BASS_WMA_EncodeGetPort
BASS_WMA_EncodeGetRates
BASS_WMA_EncodeOpen
BASS_WMA_EncodeOpenFile
BASS_WMA_EncodeOpenNetwork
BASS_WMA_EncodeOpenNetworkMulti
BASS_WMA_EncodeOpenPublish
BASS_WMA_EncodeOpenPublishMulti
BASS_WMA_EncodeSetNotify
BASS_WMA_EncodeSetTag
BASS_WMA_EncodeWrite
BASS_WMA_GetTags
BASS_WMA_GetWMObject
BASS_WMA_StreamCreateFile
BASS_WMA_StreamCreateFileAuth
BASS_WMA_StreamCreateFileUser
BASSplugin

Sections

Size: 14KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 576B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
RadioBox/lame.exe
.exe windows:5 windows x86 arch:x86

ea1e53a7b5b9f44d9b56187ed422f57d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
GetFileType
GetConsoleScreenBufferInfo
SetConsoleCursorPosition
GetCurrentProcess
SetPriorityClass
FindFirstFileA
FindClose
GetThreadLocale
LoadLibraryA
FormatMessageA
EnterCriticalSection
LeaveCriticalSection
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileInformationByHandle
PeekNamedPipe
GetLastError
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetDriveTypeA
HeapAlloc
HeapFree
GetCommandLineA
HeapReAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleA
SetHandleCount
GetStartupInfoA
DeleteCriticalSection
CloseHandle
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
RtlUnwind
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetModuleFileNameA
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
ReadFile
SetFilePointer
SetStdHandle
GetFullPathNameA
GetCurrentDirectoryA
VirtualFree
VirtualAlloc
HeapCreate
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
HeapSize
GetLocaleInfoA
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetStringTypeA
GetStringTypeW
SetEndOfFile
GetProcessHeap

Sections

.text
Size: 364KB - Virtual size: 363KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 150KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.trace
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
RadioBox/oggenc.exe
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 140KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1.2MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 11KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 384KB

UPX1 Size: 134KB - Virtual size: 136KB

.rsrc Size: 11KB - Virtual size: 12KB

Headers

File Characteristics

Exports

Exports

Sections

Size: 98KB - Virtual size: 384KB

.rsrc Size: 568B - Virtual size: 4KB

Size: - Virtual size: 8KB

Size: 4KB - Virtual size: 3KB

Headers

File Characteristics

Exports

Exports

Sections

Size: 145KB - Virtual size: 252KB

.rsrc Size: 728B - Virtual size: 4KB

Size: - Virtual size: 4KB

Size: 1KB - Virtual size: 1KB

Headers

File Characteristics

Exports

Exports

Sections

Size: 13KB - Virtual size: 28KB

.rsrc Size: 576B - Virtual size: 4KB

Size: - Virtual size: 4KB

Size: 2KB - Virtual size: 1KB

Headers

File Characteristics

Exports

Exports

Sections

Size: 14KB - Virtual size: 28KB

.rsrc Size: 576B - Virtual size: 4KB

Size: - Virtual size: 4KB

Size: 2KB - Virtual size: 1KB

ea1e53a7b5b9f44d9b56187ed422f57d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 364KB - Virtual size: 363KB

.rdata Size: 150KB - Virtual size: 150KB

.data Size: 11KB - Virtual size: 229KB

.data1 Size: 5KB - Virtual size: 4KB

.trace Size: 15KB - Virtual size: 15KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 20KB - Virtual size: 19KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 140KB - Virtual size: 288KB

.rdata Size: 1.2MB - Virtual size: 2.4MB

.data Size: 11KB - Virtual size: 28KB

.rsrc Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size: 28KB

.aspack Size: 4KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

UPX0
Size: - Virtual size: 384KB

UPX1
Size: 134KB - Virtual size: 136KB

.rsrc
Size: 11KB - Virtual size: 12KB

.rsrc
Size: 568B - Virtual size: 4KB

.rsrc
Size: 728B - Virtual size: 4KB

.rsrc
Size: 576B - Virtual size: 4KB

.rsrc
Size: 576B - Virtual size: 4KB

.text
Size: 364KB - Virtual size: 363KB

.rdata
Size: 150KB - Virtual size: 150KB

.data
Size: 11KB - Virtual size: 229KB

.data1
Size: 5KB - Virtual size: 4KB

.trace
Size: 15KB - Virtual size: 15KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 20KB - Virtual size: 19KB

.text
Size: 140KB - Virtual size: 288KB

.rdata
Size: 1.2MB - Virtual size: 2.4MB

.data
Size: 11KB - Virtual size: 28KB

.rsrc
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 28KB

.aspack
Size: 4KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB