Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Behavioral task
behavioral1
Sample
fad3b795d5fe77337af6fa8ef46b4d17_JaffaCakes118.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
fad3b795d5fe77337af6fa8ef46b4d17_JaffaCakes118.exe
Resource
win10v2004-20240412-en
Target
fad3b795d5fe77337af6fa8ef46b4d17_JaffaCakes118
Size
341KB
MD5
fad3b795d5fe77337af6fa8ef46b4d17
SHA1
ea4114f7b95ab39c423597aa926088ed91a90d34
SHA256
350e9f4d77e391042b4d8abe2bf064f592437154cafd71f5c80ba9502571f08d
SHA512
494b26e98c54fccadb449dd99f58c015b51c9097e18f888bd0a30178e29a8db157dca39375624355f4b2987afa31fdbfe8c9bd15099260e19c7429e7f4a9a1d7
SSDEEP
6144:5fZ/nwzIhoZib9i0ju9BKVoEZUWXxYfzfPQ6CbOjYQ6YrMBArO:5fpPOZiBiq3zxXOfzfPvjf6YrMBuO
Processes:
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
Processes:
resource |
---|
unpack001/out.upx |
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ