Extended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
Behavioral task
behavioral1
Sample
fc7194217eefa41746e3d4155f8a5731_JaffaCakes118.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
fc7194217eefa41746e3d4155f8a5731_JaffaCakes118.exe
Resource
win10v2004-20240412-en
Target
fc7194217eefa41746e3d4155f8a5731_JaffaCakes118
Size
202KB
MD5
fc7194217eefa41746e3d4155f8a5731
SHA1
8e97a9ecd133308bf19483c61119865665dbf5a6
SHA256
e23f77f01db70121a7be6fb70c826294f468d89d0a857548fc57835d83fb5496
SHA512
1e36cdac625983c782126f2a29a1c6a9805f9472ec3175b55600e2247517b5e95ef8733bb3e4be81856fb70e470a6bc33404325d6e8187b0909634f0609a782b
SSDEEP
3072:21lgKarBjCfYJ2Gkwf+uthTGF/Pke0A9Xoi+eMHZV4WovThXcY7UmA:21mKx+dtE5PkuXohHZVFshMbD
Processes:
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
Processes:
resource |
---|
unpack001/out.upx |
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ