TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr
General
-
Target
740e707a8f609abc4a30191ff72ffdb9_JaffaCakes118
-
Size
3.8MB
-
MD5
740e707a8f609abc4a30191ff72ffdb9
-
SHA1
93c1518d9580753a9e19daa9f2547e79065b6538
-
SHA256
69078af846ea799f1038688469a9dd4b40a25a963a9dd7c0d6079afa2070b2b8
-
SHA512
d86f7d7da5b7965e610427c2db2cdaf12444709cedfe0565bebb6029c01f0133029c202e7c5707e34955fab6dd30d98242c289e36a5e1004f283477dd5ca1b32
-
SSDEEP
98304:uZuarCtWyX0p+tUFHtrXCDHGkSn8b+vPdV:uZHrzyG+2aDHGkS8Cf
Score
7/10
Malware Config
Signatures
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
Files
-
740e707a8f609abc4a30191ff72ffdb9_JaffaCakes118
Headers
Sections
-
out.upx
Headers
Exports
Sections