28dddb65385950927db33be8af7a06ab_JaffaCakes118 | Triage

Sharing

General

Target

28dddb65385950927db33be8af7a06ab_JaffaCakes118
Size

356KB
MD5

28dddb65385950927db33be8af7a06ab
SHA1

39e18211cc5b74a9d67436d483a70116d0d67678
SHA256

40a85ce4961603910b0e602a98f8cf1176d1eff9e46f185377d884397d492610
SHA512

8fef691f3177254b9bf63e233b4cb7bf5d66d243520fc3d3a96e3667b06cce333bc5df5a8c7bd7f51608b3719f9d2dacfe748ba1bb8749d56cce97c03a3db632
SSDEEP

6144:0Jx+PEpvyxRgPbCu64Iqp8FK3OOVTaYGMqMpFahHjQ0afYRazP6v:0JxqM6RluzIPF5OVmYtOjQ0fkzP6v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28dddb65385950927db33be8af7a06ab_JaffaCakes118

Files

28dddb65385950927db33be8af7a06ab_JaffaCakes118
.dll windows:4 windows x86 arch:x86

7d42808f452148c24c447393ed33d2db

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

UrlEscapeA

kernel32

SetErrorMode
Beep

msvcrt

malloc
free

winmm

auxGetVolume

Exports

Exports

rkzkbo

Sections

.code
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 406B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 300KB - Virtual size: 298KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ