General

  • Target

    JaffaCakes118_489e7ef8892da96762561f945ab244100a9cc23eecb341c01f55d1e382f1a316

  • Size

    217KB

  • MD5

    f8f47764f5b13c65987da4208c29a25e

  • SHA1

    5a5a1a5ddacd3808435cb2db896fd0c11e0388bd

  • SHA256

    489e7ef8892da96762561f945ab244100a9cc23eecb341c01f55d1e382f1a316

  • SHA512

    0056c963665f57b9cafe443a9b7596e2af50ff28353d55ef9293904675eefb3f328bf1470adabcc38766733cc9177f0e7125278771200f4f0b2e6c656f36638b

  • SSDEEP

    6144:P7yxicJkHct0qcAsMot4h2vuufXigJsSbf:PeZrt9sMoy8vuutJsSj

Score
10/10

Malware Config

Signatures

  • Trickbot family
  • Templ.dll packer 1 IoCs

    Detects Templ.dll packer which usually loads Trickbot.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • JaffaCakes118_489e7ef8892da96762561f945ab244100a9cc23eecb341c01f55d1e382f1a316
    .dll regsvr32 windows:4 windows x86 arch:x86

    25d7ed1fe103d0dc82fc8e01a61c788e

