Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Static task
static1
Behavioral task
behavioral1
Sample
20cb9c0a739e406a6514f72f8a4cc958_JaffaCakes118.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
20cb9c0a739e406a6514f72f8a4cc958_JaffaCakes118.exe
Resource
win10v2004-20240419-en
Target
20cb9c0a739e406a6514f72f8a4cc958_JaffaCakes118
Size
1.5MB
MD5
20cb9c0a739e406a6514f72f8a4cc958
SHA1
a6bb6ad1e4ecf713b9156d1922a24df9e5dfa033
SHA256
06f4b2ec2046f9a1b0e5b3bf170fabf3ddda0ee32c87d4beea125b98d3fa7aa6
SHA512
7a547ec6a93bfd492500c6ce090e4baac2d81b2133c7c87bc441e930ff97fcb178c56f8db0008caf75226281d57a4935ec27c4e0e5b25ed678671c734882f8bf
SSDEEP
24576:sK9R5C60T18zPGdId6DD6k0XwxqonlBQHO2Wdr8yNWUi6jfo7iVq:sKL5g8CmslvYonlBsOT8yNWUBwic
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
FindResourceExA
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess
DispatchMessageW
CLSIDFromProgID
VariantClear
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ