DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
General
-
Target
d633b50c163bd81f57cbb138abb203a6_JaffaCakes118
-
Size
535KB
-
MD5
d633b50c163bd81f57cbb138abb203a6
-
SHA1
8c8ba60966f989c2a410c273ec9f8a7c754160bf
-
SHA256
5c09211a55560ea5fca4ab80b73577574c7e377ba3b9eeb0776063dbe3f9269c
-
SHA512
a090f07bf21d7e6c5d021103698aadc23729b587033d3f11ecd5c5ea348496f74823fa363d042a958fc61ccefc49efba1b775e1f2c543f61794cbab13ddabe72
-
SSDEEP
12288:eiVWm5GzwTUSc5O/oXYWu/JUg9gfP2pecs2MmC:eML5vUScw/oXYBBoX2phD2
Score
7/10
Malware Config
Signatures
-
ACProtect 1.3x - 1.4x DLL software 1 IoCs
Detects file using ACProtect software.
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
d633b50c163bd81f57cbb138abb203a6_JaffaCakes118
Headers
Exports
Sections