TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr
General
-
Target
e04cdba2c9443b7a859fb328cf19fecd73b6a91d0964b405d56a42ee0721c671
-
Size
670KB
-
MD5
85b2a7f42dff2d06d9b80acbde26de71
-
SHA1
5bf37573ba0ad897f57f636e7a98aaa24717ab32
-
SHA256
e04cdba2c9443b7a859fb328cf19fecd73b6a91d0964b405d56a42ee0721c671
-
SHA512
b058f4e07184c0506f14901f34534177af01cb14e098fe7f1b393d9808c0f6cc8ecc41f8e240f1a5bde291de519cfd16422c344bac71672ce74a283a1afebad8
-
SSDEEP
12288:A3uIyqWtM1lLMCbXV+kQmlrYezd52Xj/o9BMy5P1wssL6LxbUip41R9tdJsBXsVX:AxWtcIiM7O3zvCj/+Bbtwss+eW4FJsBg
Score
10/10
Malware Config
Signatures
-
Detects executables built or packed with MPress PE compressor 1 IoCs
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
e04cdba2c9443b7a859fb328cf19fecd73b6a91d0964b405d56a42ee0721c671
dc23b4fa73a8645d2cdcb79c320ed34d
Headers
Imports
Exports
Sections