Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Windows 7 will be removed from tria.ge on 2025-03-31
Behavioral task
behavioral1
Sample
e2c7e3013be11236e65ff0ed111bdbdf_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
e2c7e3013be11236e65ff0ed111bdbdf_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Target
e2c7e3013be11236e65ff0ed111bdbdf_JaffaCakes118
Size
208KB
MD5
e2c7e3013be11236e65ff0ed111bdbdf
SHA1
20b8f9cca928878f244ba4bf8093705e2998e47e
SHA256
80122337bd5fd76281a48fbf192c422289a7f90a21b616374c29c4d727ac0b7e
SHA512
2b8f2497aad41a6ed5da15a5ef02881408ee8db412299ffa713b4b1c3ae43cc43559d61469f4b2f2c1f6093ac23fe26231d2b85df7821aa472a08e226bef25f7
SSDEEP
6144:u+vxqaWMPMAZ5Qw87rTmhgjmmHyTdqTo:u+vIaWMMA7QVT3ymHUqTo
| resource | yara_rule |
|---|---|
| sample | upx |
Checks for missing Authenticode signature.
| resource |
|---|
| unpack001/out.upx |
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ