6409f0b0c32ab5e5ff352cc5c0309a8a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6409f0b0c32ab5e5ff352cc5c0309a8a_JaffaCakes118
Size

271KB
MD5

6409f0b0c32ab5e5ff352cc5c0309a8a
SHA1

5127fe3b6284e622237febcc07ae934ae1e3aeb8
SHA256

4799b48d9a8350fd4bef264babe42b33c6353f22781253d6a64da03a92ed930a
SHA512

9a47ae2ec015a5858d47b05acf5de62b89635f5c8a98e460cf08f85e5faf2392dd0dc010bfa4ae21637d085386740788ab2dcf2a54dc949e1c29aa8d2cd9995e
SSDEEP

6144:BxrCszoA/C7AS5aNCwchNpqW8UgWJ9CdLGqLTQv5OvDpZ:BxWsuGr4pzmOYdLavgDz

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/DBpowerAMP.CD.Writer.vR2.Cracked.WinAll-CPHV/CDWriteWorker.exe
unpack001/DBpowerAMP.CD.Writer.vR2.Cracked.WinAll-CPHV/CDWriter.exe
unpack001/DBpowerAMP.CD.Writer.vR2.Cracked.WinAll-CPHV/MusicConverter.exe

Files

6409f0b0c32ab5e5ff352cc5c0309a8a_JaffaCakes118
.zip
DBpowerAMP.CD.Writer.vR2.Cracked.WinAll-CPHV/CDWriteWorker.exe
.exe windows:4 windows x86 arch:x86

a5158eca0235ee0dbaff1a3ec7c42f9f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
GetStartupInfoA
ExitProcess
TerminateProcess
HeapFree
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
GetACP
GetTimeZoneInformation
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
FormatMessageA
GetProfileStringA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameA
GetVolumeInformationA
UnlockFile
LockFile
FlushFileBuffers
GetCurrentProcess
DuplicateHandle
GetOEMCP
GetCPInfo
SizeofResource
GetProcessVersion
WritePrivateProfileStringA
GlobalFlags
lstrcpynA
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
SetLastError
WideCharToMultiByte
InterlockedIncrement
MultiByteToWideChar
GetThreadLocale
InterlockedDecrement
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GetModuleHandleA
LockResource
FindResourceA
LoadResource
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
GetFileAttributesA
ReleaseMutex
CreateMutexA
FindFirstFileA
FindNextFileA
FindClose
GetFileTime
SetEndOfFile
GetFileSize
WriteFile
SetFilePointer
ReadFile
CreateFileA
ResetEvent
SetEvent
CreateEventA
GetLastError
MulDiv
GlobalAlloc
GlobalLock
GlobalFree
GlobalUnlock
WaitForSingleObject
CloseHandle
lstrlenA
lstrcpyA
GetModuleFileNameA
SetErrorMode
GetVersionExA
LoadLibraryA
GetProcAddress
FreeLibrary
DeleteFileA
RemoveDirectoryA
GetSystemTime
SystemTimeToFileTime
GetTickCount
Sleep
GetFileType
GetCommandLineA

user32

GetNextDlgGroupItem
InflateRect
RegisterClipboardFormatA
PostThreadMessageA
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetDlgCtrlID
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
SetRect
GetMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
PostMessageA
SetWindowPos
UnregisterClassA
RegisterClassExA
CharUpperA
TabbedTextOutA
LoadImageA
GetDC
ReleaseDC
PeekMessageA
DispatchMessageA
TranslateMessage
KillTimer
InvalidateRect
FillRect
DialogBoxParamA
EndDialog
GetDesktopWindow
GetSysColor
BeginPaint
GetWindowLongA
EndPaint
CreateWindowExA
SetWindowLongA
SetFocus
DefWindowProcA
LoadIconA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode
ShowWindow
LoadCursorA
SetCursor
MessageBeep
GetWindowTextA
CreateDialogParamA
DestroyWindow
MessageBoxA
EnableWindow
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
SendMessageA
GetDlgItem
PostQuitMessage
wsprintfA
CopyAcceleratorTableA
DestroyMenu
LoadStringA
GetSysColorBrush
GetFocus
SetWindowTextA
SetTimer
PtInRect
GetClassNameA
GrayStringA
DrawTextA
GetWindowDC
ClientToScreen
CharNextA
MoveWindow
IsDialogMessageA
MapDialogRect
SetWindowContextHelpId
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
AdjustWindowRectEx
ScreenToClient
CopyRect
GetNextDlgTabItem

gdi32

SetBkMode
SetTextColor
GetTextExtentPoint32A
CreatePen
CreateBitmap
GetClipBox
SetBkColor
GetTextColor
GetBkColor
GetStockObject
SaveDC
RestoreDC
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
ExtTextOutA
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
Escape
DPtoLP
LPtoDP
GetMapMode
PatBlt
CreateFontIndirectA
CreateBrushIndirect
CreateCompatibleDC
DeleteDC
SelectObject
GetPixel
SetPixel
GetObjectA
DeleteObject
CreateCompatibleBitmap
GetDeviceCaps
BitBlt
MoveToEx
LineTo
Ellipse
CreateDIBitmap
GetTextExtentPointA
CreateSolidBrush

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegCloseKey

shell32

ShellExecuteA

comctl32

ord17

oledlg

ord8

ole32

CoFreeUnusedLibraries
OleUninitialize
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CreateStreamOnHGlobal
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
OleInitialize

olepro32

ord253
ord251

oleaut32

SysFreeString
SysStringLen
SysAllocStringLen
VariantClear
VariantTimeToSystemTime
VariantChangeType
SysAllocString
VariantCopy
SysAllocStringByteLen

Sections

.text
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
DBpowerAMP.CD.Writer.vR2.Cracked.WinAll-CPHV/CDWriter.exe
.exe windows:4 windows x86 arch:x86

f0fac6e31d33bfa630ab67e821c99bb2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
GetDriveTypeA
GetModuleHandleA
GetStartupInfoA
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
GetLastError
CreateEventA
SetEvent
lstrlenA
lstrcpyA
GetModuleFileNameA
GetVersionExA
GetDiskFreeSpaceA
SetFileAttributesA
GetSystemTime
SystemTimeToFileTime
GlobalAlloc
GlobalLock
GlobalUnlock
LoadLibraryA
GetProcAddress
MulDiv
GlobalFree
ReleaseMutex
CreateMutexA
SetThreadPriority
ResumeThread
GetTempPathA
GetTempFileNameA
MultiByteToWideChar
WideCharToMultiByte
GetVolumeInformationA
CreateDirectoryA
GetFileTime
SetEndOfFile
GetFileSize
WriteFile
SetFilePointer
ReadFile
CreateFileA
FindFirstFileA
FindNextFileA
FindClose
FreeLibrary
RemoveDirectoryA
CreateProcessA
GetTickCount
WaitForSingleObject
Sleep
CloseHandle
CopyFileA
DeleteFileA
SetErrorMode
GetLogicalDriveStringsA
ResetEvent

user32

GetDC
ReleaseDC
PeekMessageA
DispatchMessageA
TranslateMessage
LoadImageA
GetSysColor
BeginPaint
GetWindowLongA
DrawIcon
EndPaint
CreateWindowExA
SetWindowLongA
SetFocus
DefWindowProcA
DialogBoxParamA
IsZoomed
IsIconic
GetWindowRect
EndDialog
LoadMenuA
TabbedTextOutA
GetTabbedTextExtentA
CharUpperA
FillRect
ClientToScreen
IsWindowVisible
ChildWindowFromPoint
RegisterClassExA
UnregisterClassA
GetWindowTextLengthA
GetForegroundWindow
WindowFromPoint
GetSubMenu
EnableMenuItem
OpenClipboard
GetClipboardData
CloseClipboard
TrackPopupMenu
DestroyMenu
EmptyClipboard
SetClipboardData
LoadIconA
SetClassLongA
GetDesktopWindow
SetTimer
ReleaseCapture
SetCapture
GetCursorPos
ScreenToClient
MessageBoxA
SetForegroundWindow
ShowWindow
EnableWindow
SetWindowTextA
LoadCursorA
SetCursor
GetClientRect
wsprintfA
DestroyWindow
GetWindowTextA
SendMessageA
InvalidateRect
GetDlgItem
MoveWindow
SetWindowPos
UpdateWindow

gdi32

CreateBrushIndirect
SelectObject
DeleteObject
CreateFontIndirectA
ExtTextOutA
Rectangle
SetTextColor
GetTextExtentPoint32A
CreatePen
CreateCompatibleDC
DeleteDC
CreateCompatibleBitmap
GetObjectA
GetPixel
GetDIBits
Ellipse
LineTo
MoveToEx
BitBlt
SetPixel
CreateSolidBrush
GetDeviceCaps
SetBkMode

advapi32

RegEnumValueA
RegQueryValueExA
GetUserNameA
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegCloseKey

shell32

DragQueryFileA
DragAcceptFiles
ShellExecuteA
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetFileInfoA

ole32

CoUninitialize
CoInitialize
CreateStreamOnHGlobal

msvcrt

_strupr
_CIpow
_beginthreadex
_endthreadex
_wcsupr
wcscat
wcslen
wcscpy
wcscmp
_stricmp
??3@YAXPAX@Z
??2@YAPAXI@Z
__CxxFrameHandler
_ftol
sprintf
strncmp
strtol
strrchr
strchr
atol
strstr
strncpy
_wcsicmp
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_strcmpi

comctl32

ord17

oleaut32

OleLoadPicture

Sections

.text
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
DBpowerAMP.CD.Writer.vR2.Cracked.WinAll-CPHV/MusicConverter.exe
.exe windows:4 windows x86 arch:x86

a2c6b991853cee1ba9ab6993a3a5cdf7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GetShortPathNameA
MoveFileA
Sleep
GetTickCount
CopyFileA
lstrcmpA
GetModuleFileNameA
lstrcpyA
lstrcmpiA
DeleteFileA
GetTempPathA
GetCurrentProcessId
GetStartupInfoA
GetModuleHandleA
MulDiv
OpenProcess
GlobalLock
GlobalFree
GlobalUnlock
ResumeThread
GetTempFileNameA
ResetEvent
SetEvent
CreateEventA
ReleaseMutex
CreateMutexA
GetFileTime
SetEndOfFile
GetFileSize
WriteFile
SetFilePointer
ReadFile
GetLastError
CreateFileA
UnmapViewOfFile
CreateFileMappingA
MapViewOfFile
MultiByteToWideChar
WideCharToMultiByte
GetFileAttributesA
RemoveDirectoryA
CreateDirectoryA
FindFirstFileA
FindNextFileA
FindClose
GetSystemTime
SetSystemPowerState
CreateProcessA
WaitForSingleObject
CloseHandle
GetCommandLineA
GetCurrentThread
SetThreadPriority
GetCurrentProcess
SetPriorityClass
GetVersionExA
GlobalAlloc
SystemTimeToFileTime
FreeLibrary
GetProcAddress
SetFileAttributesA
LoadLibraryA

user32

EndPaint
BeginPaint
EnableWindow
GetWindowRect
EndDialog
LoadIconA
SetClassLongA
SendMessageA
LoadCursorA
SetCursor
GetWindowLongA
SetWindowLongA
LoadImageA
InvalidateRect
GetClientRect
SetWindowTextA
GetDlgItem
DialogBoxParamA
GetWindow
DrawFocusRect
CallWindowProcA
GetParent
ExitWindowsEx
PostQuitMessage
GetSysColor
DrawIcon
CreateWindowExA
DefWindowProcA
CharUpperA
DestroyWindow
EnumChildWindows
GetWindowTextA
GetDC
ReleaseDC
PeekMessageA
DispatchMessageA
TranslateMessage
BringWindowToTop
GetCursorPos
ScreenToClient
GetDesktopWindow
IsIconic
SetWindowPos
GetForegroundWindow
FillRect
DrawIconEx
DestroyIcon
ShowWindow
MoveWindow
SetTimer
SetForegroundWindow
TabbedTextOutA
GetTabbedTextExtentA
DestroyMenu
TrackPopupMenu
ClientToScreen
GetSubMenu
LoadMenuA
IsWindowVisible
ChildWindowFromPoint
SetCapture
ReleaseCapture
RegisterClassExA
UnregisterClassA
GetWindowTextLengthA
WindowFromPoint
SetFocus
MessageBeep
MessageBoxA
KillTimer
wsprintfA

gdi32

CreateFontIndirectA
DeleteObject
GetTextMetricsA
SetTextColor
SetBkMode
TextOutA
CreateSolidBrush
SelectObject
GetTextExtentPointA
GetDeviceCaps
BitBlt
CreateCompatibleDC
DeleteDC
ExtTextOutA
GetTextExtentPoint32A
CreateBrushIndirect
CreateCompatibleBitmap
GetObjectA
SetPixel
GetPixel
GetDIBits
Rectangle
CreatePen

comdlg32

GetSaveFileNameA
GetOpenFileNameA

advapi32

GetUserNameA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegEnumKeyExA
RegCloseKey
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumValueA

shell32

SHGetMalloc
SHBrowseForFolderA
ExtractIconA
SHGetPathFromIDListA
SHGetFileInfoA
SHChangeNotify
ShellExecuteA

ole32

CoInitialize
CoUninitialize
CreateStreamOnHGlobal

comctl32

ord17

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

winmm

waveOutClose
waveOutReset
waveOutWrite
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutPause
waveOutRestart
waveOutSetVolume
waveOutGetPosition
waveOutOpen

msvcrt

_except_handler3
_controlfp
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
_onexit
__dllonexit
_strcmpi
__set_app_type
_CIpow
_beginthreadex
_endthreadex
_wcsupr
_strupr
wcscat
wcscmp
_stricmp
wcslen
wcscpy
_wcsicmp
strtol
exit
strncpy
atoi
??2@YAPAXI@Z
__CxxFrameHandler
??3@YAXPAX@Z
strchr
atol
strstr
sprintf
strncmp
_ftol
strrchr

oleaut32

OleLoadPicture

Sections

.text
Size: 132KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
DBpowerAMP.CD.Writer.vR2.Cracked.WinAll-CPHV/cphv.nfo
DBpowerAMP.CD.Writer.vR2.Cracked.WinAll-CPHV/file_id.diz
DBpowerAMP.CD.Writer.vR2.Cracked.WinAll-CPHV/nfo.txt
readme.html
.html

Sharing

General

Malware Config

Signatures

Files

a5158eca0235ee0dbaff1a3ec7c42f9f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 176KB - Virtual size: 175KB

.rdata Size: 40KB - Virtual size: 36KB

.data Size: 24KB - Virtual size: 42KB

.rsrc Size: 28KB - Virtual size: 26KB

f0fac6e31d33bfa630ab67e821c99bb2

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

msvcrt

comctl32

oleaut32

Sections

.text Size: 88KB - Virtual size: 85KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 16KB - Virtual size: 13KB

a2c6b991853cee1ba9ab6993a3a5cdf7

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

comctl32

version

winmm

msvcrt

oleaut32

Sections

.text Size: 132KB - Virtual size: 130KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 16KB - Virtual size: 19KB

.rsrc Size: 76KB - Virtual size: 75KB

.text
Size: 176KB - Virtual size: 175KB

.rdata
Size: 40KB - Virtual size: 36KB

.data
Size: 24KB - Virtual size: 42KB

.rsrc
Size: 28KB - Virtual size: 26KB

.text
Size: 88KB - Virtual size: 85KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 16KB - Virtual size: 13KB

.text
Size: 132KB - Virtual size: 130KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 16KB - Virtual size: 19KB

.rsrc
Size: 76KB - Virtual size: 75KB