TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr
General
-
Target
c735d8a748fd5cd9f06e4a7ffaaf8de10ff6e0f174c5783c69b26df62c9efccb
-
Size
13.8MB
-
MD5
2e54a6d9a9603ecfff1475b17af7e280
-
SHA1
5a0406038bba3b138b48319ad417406892c77855
-
SHA256
c735d8a748fd5cd9f06e4a7ffaaf8de10ff6e0f174c5783c69b26df62c9efccb
-
SHA512
9e36621e568b13788924e8cbea04bcaf27a757f48db370e92d6a399c495a680d300ba52a6aa6552524d74090dd83b61484709c9a68bf28c864b47b2dddb4c842
-
SSDEEP
393216:x63ZVK9Blx6lYuQOxGAo4eSH2qHmfMh1uhsW8hpwy9CMw:x8ZVKvyhxGK3ZGflsW8/f43
Score
7/10
Malware Config
Signatures
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
Files
-
c735d8a748fd5cd9f06e4a7ffaaf8de10ff6e0f174c5783c69b26df62c9efccb
Headers
Sections
-
out.upx
Headers
Exports
Sections