Extended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
Behavioral task
behavioral1
Sample
3faac1450d0412b19579f944644e8c59.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
3faac1450d0412b19579f944644e8c59.exe
Resource
win10v2004-20231215-en
Target
3faac1450d0412b19579f944644e8c59
Size
200KB
MD5
3faac1450d0412b19579f944644e8c59
SHA1
1e7ec9fa4a0ea0366d76a742fe98cb44cf59bace
SHA256
e5d94184dcb23a8c85d96c92435b26d2cf292a6b9d4e28c02a1d441eb4a3b6a3
SHA512
e2ea808cf80ece193469fd52e38eb731c6d7f26ed14ad883a2515478e3881b7c57da288875023a8701199a52a4eedb2c84038331bd61e1d02fe8d6997870c20e
SSDEEP
6144:B7oBtDkJ3abnk6cV+EwmAoBNcX2NOkpwCi21gRQnfRV2ZGhjYx:B78AqbaVcmAo7cGNpwCi+eQZV2ZGNYx
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
unpack001/out.upx |
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ