Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Behavioral task
behavioral1
Sample
fbab06c7be78579e1500650928901804_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
fbab06c7be78579e1500650928901804_JaffaCakes118.exe
Resource
win10v2004-20240412-en
Target
fbab06c7be78579e1500650928901804_JaffaCakes118
Size
318KB
MD5
fbab06c7be78579e1500650928901804
SHA1
6f2f2e904e85d19380be925eeaa5e22b30e74574
SHA256
2fd5bb84ba958d02f5b02f6d16fccc68df6434204584aaabdc570cc7a631d243
SHA512
875f9f1e52dbef553c61a854f7b33aa142adf63f81ab89f3b773050edb23d55d6a2ef92f71813779b27314cc3b3a50b82bdf49b428d8ceb92a113cb4fb1ec6c4
SSDEEP
6144:iR2R8i4jwJq6W4Qmp6rD1rRBttWoPLj0Cw6HRxEJpz76VutsxEJmk:CG8jjwJqoQGe1nttdPLJfzEJF20XE
Processes:
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
Processes:
resource |
---|
unpack001/out.upx |
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ