57174caeb87d8e2e23858309936e58d7_JaffaCakes118 | Triage

Sharing

General

Target

57174caeb87d8e2e23858309936e58d7_JaffaCakes118
Size

156KB
MD5

57174caeb87d8e2e23858309936e58d7
SHA1

0bb8953b3570a802740893406a1e3a96e296cf7b
SHA256

99b32b5863f456295587a9a32a265cebbbd5feb6f8b8b26a24f89fecf35496bd
SHA512

2a52af33cbe2509abde466a4418fbec15bcffda77fbb6c3da70ddc80788da28555f1d5f28311685b8e15a41176fbc8f04d1a9f33de4bb0d547da6f20543560b4
SSDEEP

1536:kIzKi/Qpnt9WrrO+xqzdYEi9aA9eY5THEhrjUGzBwQJN2otjLGu4yRmWxBP:kIzp/Gt9WvBxqFAR+rQAwQOwnM2z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
57174caeb87d8e2e23858309936e58d7_JaffaCakes118

Files

57174caeb87d8e2e23858309936e58d7_JaffaCakes118
.dll windows:4 windows x86 arch:x86

446e6dc2bfbafbd3bb950b2d51b2ecaf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

waveOutGetVolume

kernel32

LocalAlloc
TlsFree
TlsFree
TlsAlloc
TlsGetValue
LocalFree

Exports

Exports

MountainSnapshot

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ