bb98405807e1c790efe92f3864f69f5f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bb98405807e1c790efe92f3864f69f5f_JaffaCakes118
Size

361KB
MD5

bb98405807e1c790efe92f3864f69f5f
SHA1

24be24030148494f90e9c4968c2d5e190c020211
SHA256

46ba3b9e42239b7d68b5a9ad786417570c520563f4138a9550946732563521cc
SHA512

986684c65fe4926ef6ed7a4b874af4fd92a7e9aba9fa138b0bc608ccb8a501e978ad25901cfd512ec42b36819e0e31ad3108a3ab626f854e5200896b8c6ba757
SSDEEP

6144:xJ75sB8vgLL/9ovv2JjxvglqbpFOXAC66d7BGE0uGYg1iZbMHTAqyFRZl8ucUqyG:xJ75saM9ov+JnpHWdFGVuRg1i5MzAXFG

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PlayTune.exe
unpack001/VBI_SNR.exe

Files

bb98405807e1c790efe92f3864f69f5f_JaffaCakes118
.zip
Channels.ini
Freqs.ini
PlayTune.exe
.exe windows:4 windows x86 arch:x86

6d7262a957616f786de56f96417e37d0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

quartz

AMGetErrorTextA

kernel32

WideCharToMultiByte
GetCurrentProcessId
GetLastError
LCMapStringW
LCMapStringA
SetStdHandle
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
FlushFileBuffers
MultiByteToWideChar
HeapReAlloc
VirtualAlloc
SetFilePointer
WriteFile
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetFileType
GetStringTypeA
TerminateProcess
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetProcAddress
HeapAlloc
ExitProcess
CloseHandle
GetCurrentProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
HeapFree

user32

ShowWindow
CheckMenuItem
AppendMenuA
GetClientRect
wsprintfW
LoadCursorA
RegisterClassA
CreateWindowExA
DestroyWindow
SetWindowTextA
GetMessageA
MessageBoxA
DispatchMessageA
TranslateMessage
PostQuitMessage
IsIconic
CreateDialogParamA
DefWindowProcA
GetSystemMenu
GetDlgItemTextA
EndDialog

gdi32

GetStockObject

ole32

CoCreateInstance
CreateItemMoniker
GetRunningObjectTable
CoTaskMemFree
CoUninitialize
CoInitializeEx

oleaut32

OleCreatePropertyFrame
SysFreeString

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
VBI_SNR.exe
.exe windows:4 windows x86 arch:x86

4aa1f5c3d8741ce2b61d8561b6b3fe3e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

quartz

AMGetErrorTextA

d3d8

Direct3DCreate8

winmm

timeBeginPeriod
timeEndPeriod
timeGetTime
timeSetEvent
timeKillEvent

kernel32

GetLocaleInfoW
GetTimeZoneInformation
GetUserDefaultLCID
EnumSystemLocalesA
CompareStringA
GetLocaleInfoA
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetCurrentProcessId
GetPrivateProfileStringA
Sleep
GetTimeFormatA
GetDateFormatA
GetModuleHandleA
SetEvent
ResetEvent
WaitForMultipleObjects
GetCurrentThreadId
MulDiv
InterlockedIncrement
InterlockedDecrement
SetEnvironmentVariableA
CompareStringW
DuplicateHandle
GetCurrentProcess
WaitForSingleObject
CreateSemaphoreA
ReleaseSemaphore
GetSystemInfo
VirtualAlloc
VirtualFree
FreeLibrary
LoadLibraryA
InterlockedExchange
CreateThread
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetACP
SetThreadPriority
GetThreadPriority
GetCurrentThread
GetTickCount
GetLastError
GetVersionExA
IsProcessorFeaturePresent
CreateEventA
CloseHandle
SetStdHandle
ReadFile
IsValidLocale
GetStringTypeA
SetFilePointer
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
FlushFileBuffers
RaiseException
WriteFile
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
TlsGetValue
SetLastError
GetStringTypeW
CreateFileA
SetEndOfFile
TlsFree
TlsSetValue
FatalAppExitA
IsBadWritePtr
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetModuleFileNameA
GetCPInfo
HeapReAlloc
GetSystemTimeAsFileTime
TerminateProcess
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
HeapFree
RtlUnwind
LCMapStringA
HeapAlloc
GetOEMCP
SetConsoleCtrlHandler
IsValidCodePage
TlsAlloc
HeapSize
LCMapStringW

user32

SetDlgItemTextA
MessageBoxA
DefWindowProcA
GetQueueStatus
RegisterWindowMessageA
wsprintfA
wvsprintfA
MsgWaitForMultipleObjects
PeekMessageA
LoadIconA
RegisterClassExA
GetDesktopWindow
CreateWindowExA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
GetSystemMenu
AppendMenuA
GetDlgItem
EndDialog
GetDlgItemTextA
IsDlgButtonChecked
CheckRadioButton
SetWindowLongA
SetWindowPos
GetParent
SendMessageA
CallWindowProcA
IsWindowEnabled
EnableWindow
DestroyWindow
PostQuitMessage
SetWindowTextA
PostMessageA
CheckDlgButton
CreateDialogParamA
UnregisterClassA
DispatchMessageA
PostThreadMessageA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyA

shell32

ShellExecuteA

olepro32

ord250

ole32

CoTaskMemFree
CoUninitialize
CoInitialize
CoTaskMemAlloc
CoFreeUnusedLibraries
GetRunningObjectTable
CreateItemMoniker
CoCreateInstance

oleaut32

SysFreeString
SysAllocString

Sections

.text
Size: 636KB - Virtual size: 635KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
VBI_SNR.ini
VBI_SNR_src/CaptureTex.dsp
VBI_SNR_src/CaptureTex.dsw
VBI_SNR_src/CaptureTex.plg
.html
VBI_SNR_src/CaptureTex.sln
VBI_SNR_src/DShowTextures.cpp
VBI_SNR_src/Kfactor.h
VBI_SNR_src/RCa00272
VBI_SNR_src/RESOURCE.H
VBI_SNR_src/TEXTURES.H
VBI_SNR_src/Textures.cpp
VBI_SNR_src/VBI_SNR.ini
VBI_SNR_src/dshowtextures.h
VBI_SNR_src/fftw3.h
VBI_SNR_src/readme.txt
VBI_SNR_src/readme_rus.txt
VBI_SNR_src/resrc1.h
VBI_SNR_src/textures.aps
VBI_SNR_src/textures.rc
readme_rus.txt

Sharing

General

Malware Config

Signatures

Files

6d7262a957616f786de56f96417e37d0

Headers

File Characteristics

Imports

quartz

kernel32

user32

gdi32

ole32

oleaut32

Sections

.text Size: 32KB - Virtual size: 28KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 17KB

.rsrc Size: 4KB - Virtual size: 1KB

4aa1f5c3d8741ce2b61d8561b6b3fe3e

Headers

File Characteristics

Imports

quartz

d3d8

winmm

kernel32

user32

advapi32

shell32

olepro32

ole32

oleaut32

Sections

.text Size: 636KB - Virtual size: 635KB

.rdata Size: 44KB - Virtual size: 42KB

.data Size: 36KB - Virtual size: 40KB

.data1 Size: 4KB - Virtual size: 2KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 32KB - Virtual size: 28KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 17KB

.rsrc
Size: 4KB - Virtual size: 1KB

.text
Size: 636KB - Virtual size: 635KB

.rdata
Size: 44KB - Virtual size: 42KB

.data
Size: 36KB - Virtual size: 40KB

.data1
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 8KB - Virtual size: 4KB