Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Behavioral task
behavioral1
Sample
f0002431ec8fbff0194e7cfad36c385e7c8d64a2ae86b84f89258d486404ff6d.exe
Resource
win7-20231215-en
Target
f0002431ec8fbff0194e7cfad36c385e7c8d64a2ae86b84f89258d486404ff6d.exe.zip
Size
3.7MB
MD5
06761ae0f575e7fe83752a799ad1aab4
SHA1
72009dfccb3ef127b7e27676e1ff19a3bd3062ce
SHA256
e2fe4013e696f82cd6a05076039687cd27343cfbf31d4bae6228bf20056e9dff
SHA512
109c9bde5496bfc3a3e0d1b91d86d28ea7e294ca646aa2d4cd44bd794bb1a89b4da882911c170addbb4c2584b0b9e0d30e0c87c8b2f28044fcc449a35dcf399a
SSDEEP
98304:9w+QABK4wpeD5LDnHeLLKzZ5v8bzkC7Vi:sA5LDn+A0fI
resource | yara_rule |
---|---|
static1/unpack001/f0002431ec8fbff0194e7cfad36c385e7c8d64a2ae86b84f89258d486404ff6d.exe | upx |
AutoIT scripts compiled to PE executables.
resource | yara_rule |
---|---|
static1/unpack002/out.upx | autoit_exe |
Checks for missing Authenticode signature.
resource |
---|
unpack002/out.upx |
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ