3824d49d77fbf3acc9afd621a63c302e_JaffaCakes118

Resubmissions

12-05-2024 21:47

240512-1m9tsagc3s 3

12-05-2024 04:00

240512-ekmqksaf77 10

Sharing

Copy URL

Twitter E-mail

General

Target

3824d49d77fbf3acc9afd621a63c302e_JaffaCakes118
Size

579KB
MD5

3824d49d77fbf3acc9afd621a63c302e
SHA1

1f87dd119d1f6f91a88e5890fb4ca11da0f4f4f9
SHA256

f1ed39e3adcf0f0b1fdde99601fd83a62ee13002a279ec5d2ebafafc51ab348f
SHA512

e5d66a8fc788467e8190f9bf5995c8046e3696910f5ffe8f3d8ac0edef7b250c6cf8141c846f8ee03c555205786d1fd22b0664bdc7e75ae6c6e61ce281f06000
SSDEEP

12288:/1zdBrPvGkOUexRDLVYdehWWtVx5jMGMiRAzeU4/KkCCJdasoNxR:/HBrvGk4xDYdStVxYzzelV3oB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/CryptoLocker (2013).exe

Files

3824d49d77fbf3acc9afd621a63c302e_JaffaCakes118
.zip

Password: infected
CryptoLocker (2013).exe
.exe windows:4 windows x86 arch:x86

Password: infected

f4228cb049acde33150c5fe763f4201f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
HeapAlloc
HeapReAlloc
HeapFree
VirtualAlloc
GetCommandLineA
GetProcessHeap
RaiseException
RtlUnwind
HeapSize
ExitProcess
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetFilePointer
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
GetACP
IsValidCodePage
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
WriteFile
GetOEMCP
GetCPInfo
GetLocaleInfoA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
GetVersionExA
GetThreadLocale
GlobalGetAtomNameA
GlobalFlags
lstrcmpA
GetCurrentThreadId
InterlockedIncrement
InterlockedDecrement
GetModuleHandleA
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
GetCurrentProcessId
GetModuleFileNameA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
SetLastError
InterlockedExchange
LoadLibraryA
SizeofResource
FreeLibrary
FlushFileBuffers
PrepareTape
Sleep
GetCurrentProcess
GetVersion
CompareStringA
LockResource
SetEvent
GetProcAddress
CloseHandle
VirtualProtect
lstrlenA
DeleteFileA
WideCharToMultiByte
MultiByteToWideChar
GetLastError
FindResourceA
LocalFree
LocalAlloc
CreateProcessA
FindResourceExA
GetStartupInfoA
LoadResource
IsDebuggerPresent
GetTickCount

user32

SetForegroundWindow
GetMenu
PostMessageA
CreateWindowExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
CopyRect
CallWindowProcA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetFocus
ClientToScreen
GetWindow
GetDlgCtrlID
GetClassNameA
PtInRect
GetWindowTextA
SetWindowTextA
UnregisterClassA
SetWindowsHookExA
GetKeyState
LoadCursorA
GetSystemMetrics
GetDC
GetSysColor
UnhookWindowsHookEx
GetWindowThreadProcessId
SendMessageA
GetParent
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxA
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
DrawTextA
InflateRect
GetWindowRect
CreatePopupMenu
GetForegroundWindow
CallNextHookEx
DispatchMessageA
EnumWindows
CreateDialogIndirectParamA
SetParent
GetSysColorBrush
GetClientRect
IntersectRect
DefWindowProcA
GetWindowLongA
ExitWindowsEx
DialogBoxIndirectParamA
EndDeferWindowPos
GetClassInfoExA
ReleaseDC
MapWindowPoints
ValidateRect
PostQuitMessage
GrayStringA
DrawTextExA
TabbedTextOutA
DestroyMenu
RegisterWindowMessageA
LoadIconA
WinHelpA
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
IsWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
PeekMessageA
GetMessagePos

gdi32

ExtTextOutA
SaveDC
RestoreDC
SetMapMode
ScaleViewportExtEx
PtVisible
SelectObject
SetViewportOrgEx
SetWindowExtEx
DeleteDC
GetStockObject
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
DeleteObject
GetDeviceCaps
SetViewportExtEx
ScaleWindowExtEx
OffsetViewportOrgEx
Escape
TextOutA
RectVisible

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

ole32

CoInitialize
CoRevokeClassObject
CoTaskMemAlloc
CoUninitialize
CoTaskMemFree

oleaut32

VariantClear
OleLoadPicture
OleCreatePictureIndirect
OleCreateFontIndirect
SysReAllocStringLen
SysFreeString
SysStringLen
OleCreatePropertyFrame
OleTranslateColor
SysAllocStringLen
SysReAllocString
OleIconToCursor
OleCreatePropertyFrameIndirect
SysAllocString
VariantChangeType
VariantInit

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 306KB - Virtual size: 305KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 227KB - Virtual size: 227KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 89KB - Virtual size: 407KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 203KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

f4228cb049acde33150c5fe763f4201f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

ole32

oleaut32

oleacc

Sections

.text Size: 306KB - Virtual size: 305KB

.rdata Size: 227KB - Virtual size: 227KB

.data Size: 89KB - Virtual size: 407KB

.rsrc Size: 203KB - Virtual size: 202KB

.text
Size: 306KB - Virtual size: 305KB

.rdata
Size: 227KB - Virtual size: 227KB

.data
Size: 89KB - Virtual size: 407KB

.rsrc
Size: 203KB - Virtual size: 202KB