General

  • Target

    875e284c7d787160e77ab9f11fbac870_JaffaCakes118

  • Size

    428KB

  • MD5

    875e284c7d787160e77ab9f11fbac870

  • SHA1

    c5123586ee745e3c604a6c13aee7e83c1c64b094

  • SHA256

    1cde94da8cfc9597e52cfc456c7d230426e3a954b866378d0ebc10256e44141c

  • SHA512

    458d91715060a80346e020596852b01406149f9aedcbccff7dba90485578cb8ae5391297b1a2a9e9f6b4bacc54ca75407e479c9ce9a9e4a27e9ff9396a8014fd

  • SSDEEP

    12288:DW2K3FMg51agqOIEfARXbh8Pa6rrBiCPD8CTZY6hRgM:yKgYDOI4A918rr4CrRRR

Score
7/10

Malware Config

Signatures

  • VMProtect packed file (1 IoC)

    Detects executables packed with VMProtect commercial packer.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 875e284c7d787160e77ab9f11fbac870_JaffaCakes118
    .rar
  • Fable3_nodvd_v1.0/paul.7z
    .7z
  • paul.dll
    .dll windows:5 windows x86 arch:x86

    484855496f2cb255de3f4baba6592e79


  • Fable3_nodvd_v1.0/readme.txt