782b8dffe27f510669b700216708222f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

782b8dffe27f510669b700216708222f_JaffaCakes118
Size

62KB
MD5

782b8dffe27f510669b700216708222f
SHA1

3815e281e3b31056eb9354a00950e793aca6c14e
SHA256

99163900d722c32368c0a883bfb57fa36db4bd3118fa42b7d5daf1bb960bc89d
SHA512

3028066cd23f2da8726e97b497d97ecccbdb61a4040d5a91ec77ed05af5570ac2d53bfc4ca004ae48027b30ba03077ca4a585e36a1a4267cd23b3dd3fc0865f1
SSDEEP

1536:0OPKcI3tJz5IJbQoC78oUTzBSXW7Rbm5LdQsNla/D:4TH97hgQXqm5hblMD

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ha_audioplayer096/audioplayer.exe
unpack001/ha_audioplayer096/audiose.dll
unpack001/ha_audioplayer096/comfunct.dll
unpack001/ha_audioplayer096/update.dll

Files

782b8dffe27f510669b700216708222f_JaffaCakes118
.rar
ha_audioplayer096/audioplayer.exe
.exe windows:6 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

LoadLi
Size: 4KB - Virtual size: 1830.1MB

Size: 180KB - Virtual size: 4B

��
Size: - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
ha_audioplayer096/audioplayer.jpg
.jpg
ha_audioplayer096/audiose.dll
.dll windows:4 windows x86 arch:x86

bcd2a2014d82ed1d8326e61a2505c54e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

comfunct

ConnectHandleW
ServerConnectW
SetStatusW

kernel32

AddAtomA
CloseHandle
CreateFileW
DeleteFileW
FindAtomA
FormatMessageA
GetAtomNameA
GetFileSize
GetLastError
GetTempFileNameW
GetTempPathW
LocalFree
MapViewOfFile
OpenFileMappingW
SetEndOfFile
UnmapViewOfFile
WriteFile

msvcrt

__dllonexit
_errno
_iob
_snprintf
_snwprintf
abort
fflush
fprintf
free
malloc
memcpy
memset

shlwapi

PathFindFileNameW

user32

DrawMenuBar
EnableMenuItem
FindWindowW
GetDlgItem
GetMenu
GetSubMenu
MessageBoxA
MessageBoxW
PostMessageW
SendMessageW
SetDlgItemTextW
ShowWindow

wininet

HttpOpenRequestW
HttpQueryInfoW
HttpSendRequestW
InternetCloseHandle
InternetCrackUrlW
InternetQueryDataAvailable
InternetReadFile

Exports

Exports

ASEThread
DllMain
StopDownloading

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 192B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ha_audioplayer096/comfunct.dll
.dll windows:4 windows x86 arch:x86

be9ed13c913801397fee2350e3ca84a3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AddAtomA
FindAtomA
GetAtomNameA
GetLastError
MultiByteToWideChar
SetLastError
WideCharToMultiByte

msvcrt

__dllonexit
_errno
_iob
abort
fflush
fprintf
free
malloc
wcslen

user32

SendDlgItemMessageA
SendDlgItemMessageW

wininet

InternetConnectA
InternetConnectW
InternetOpenA
InternetOpenW

Exports

Exports

ASCIIConversion
ChangeTextFont
ConnectHandleA
ConnectHandleW
FreePointer
ServerConnectA
ServerConnectW
SetStatusA
SetStatusW
UnicodeConversion

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 176B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 596B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 820B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 440B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ha_audioplayer096/readme.txt
ha_audioplayer096/update.dll
.dll windows:4 windows x86 arch:x86

745503e091a5f75950343321ff76c223

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

comfunct

ChangeTextFont
ConnectHandleW
ServerConnectW

gdi32

CreateFontIndirectW
DeleteObject
GetObjectW
GetStockObject

kernel32

AddAtomA
CloseHandle
CreateFileW
CreateThread
DeleteFileW
FindAtomA
FormatMessageA
GetAtomNameA
GetFileSize
GetLastError
GetModuleHandleW
GetVersionExW
LocalFree
ReadFile
SetEndOfFile
WriteFile

msvcrt

__dllonexit
_errno
_iob
_snprintf
_snwprintf
abort
atoi
fflush
fprintf
free
malloc
memset
wcscpy

shell32

ShellExecuteW

user32

BeginPaint
CreateWindowExW
DefWindowProcW
DestroyWindow
EndPaint
FillRect
FindWindowW
GetClassInfoExW
GetClientRect
GetSysColorBrush
GetWindowRect
LoadImageW
MessageBoxA
MessageBoxW
RegisterClassExW
SendDlgItemMessageW
SendMessageW
SetForegroundWindow
ShowWindow
UnregisterClassW
UpdateWindow

wininet

HttpOpenRequestW
HttpQueryInfoW
HttpSendRequestW
InternetCloseHandle
InternetQueryDataAvailable
InternetReadFile

Exports

Exports

DllMain
UpdateClean
UpdateDialog

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 272B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 212B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ha_audioplayer096/安装说明.url
.url
ha_audioplayer096/汉化说明.txt

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

LoadLi Size: 4KB - Virtual size: 1830.1MB

Size: 180KB - Virtual size: 4B

���� Size: - Virtual size:

bcd2a2014d82ed1d8326e61a2505c54e

Headers

File Characteristics

Imports

comfunct

kernel32

msvcrt

shlwapi

user32

wininet

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 32B

.rdata Size: 4KB - Virtual size: 3KB

.bss Size: - Virtual size: 192B

.edata Size: 512B - Virtual size: 216B

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 848B

.reloc Size: 1024B - Virtual size: 736B

be9ed13c913801397fee2350e3ca84a3

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

wininet

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 32B

.rdata Size: 512B - Virtual size: 240B

.bss Size: - Virtual size: 176B

.edata Size: 1024B - Virtual size: 596B

.idata Size: 1024B - Virtual size: 820B

.rsrc Size: 1024B - Virtual size: 856B

.reloc Size: 512B - Virtual size: 440B

745503e091a5f75950343321ff76c223

Headers

File Characteristics

Imports

comfunct

gdi32

kernel32

msvcrt

shell32

user32

wininet

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 112B

.rdata Size: 5KB - Virtual size: 5KB

.bss Size: - Virtual size: 272B

.edata Size: 512B - Virtual size: 212B

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

LoadLi
Size: 4KB - Virtual size: 1830.1MB

��
Size: - Virtual size:

.text
Size: 5KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 32B

.rdata
Size: 4KB - Virtual size: 3KB

.bss
Size: - Virtual size: 192B

.edata
Size: 512B - Virtual size: 216B

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 848B

.reloc
Size: 1024B - Virtual size: 736B

.text
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 32B

.rdata
Size: 512B - Virtual size: 240B

.bss
Size: - Virtual size: 176B

.edata
Size: 1024B - Virtual size: 596B

.idata
Size: 1024B - Virtual size: 820B

.rsrc
Size: 1024B - Virtual size: 856B

.reloc
Size: 512B - Virtual size: 440B

.text
Size: 7KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 112B

.rdata
Size: 5KB - Virtual size: 5KB

.bss
Size: - Virtual size: 272B

.edata
Size: 512B - Virtual size: 212B

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB