03c95368326a92e1ebea9af51ab0ca37_JaffaCakes118 | Triage

Sharing

General

Target

03c95368326a92e1ebea9af51ab0ca37_JaffaCakes118
Size

24KB
MD5

03c95368326a92e1ebea9af51ab0ca37
SHA1

4878e647a4b05df05a7096c7be9a427a01362cf9
SHA256

c3e2a7c78b33f346c9b026aaee447a24a306b4785e8010a4747505afc93b7b59
SHA512

f21499e257e8eacaa092920a7d77bd9af0dc1c0f86303104eebcce05c95fa86634f62e16f14f7712467ec7dfdfe9b59859b12625e6ca7433903edf04ea415895
SSDEEP

96:HZAlMDPWFTknu6wYicZnw9uvqMceASn0/fl66rWy+56NsAbrlIWW7BTyOhB9njit:5ASDwzeicJWolBAS0OAiAvlIWQFy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
03c95368326a92e1ebea9af51ab0ca37_JaffaCakes118

Files

03c95368326a92e1ebea9af51ab0ca37_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 396B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 410B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ