Extended Key Usages: ExtKeyUsageTimeStamping
Key Usages: KeyUsageCertSign, KeyUsageCRLSign
Static task: static1
Behavioral task: behavioral1
Sample: 9eb51e1e61836355b2f58940d17df047_JaffaCakes118.exe
Resource: win7-20240419-en
Behavioral task: behavioral2
Sample: 9eb51e1e61836355b2f58940d17df047_JaffaCakes118.exe
Resource: win10v2004-20240508-en
Target: 9eb51e1e61836355b2f58940d17df047_JaffaCakes118
Size: 14.9MB
MD5: 9eb51e1e61836355b2f58940d17df047
SHA1: 3e71699001b79c1632e1390750182d5432efe5f7
SHA256: 7130b2d0fa07e86d96edde99e4df456f37196109df17edcb8e7aa6ac9e4a2e55
SHA512: 4c9233baf4f08338017a3089f80fe052ee9337b1c8c77e16ee60719e1cf6e0df679723f74ed76875ab354ca5f4ba51cb1a10197b9e4c8760f5d598dea509692b
SSDEEP: 393216:eAYgZByNnyOaW7pzuZNt1bCu+0R5JGghg8vHx:eApZFOb7pzuZ1bCmfHhdvHx
ExtKeyUsageTimeStamping
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
d:\work\showrl\product\SinaShow\trank\3.5\Show_Release\installhead\install.pdb
GetCurrentDirectoryW
GetTempPathW
SetLastError
GetCurrentProcessId
GetTickCount
GetCurrentThreadId
FindClose
FindFirstFileW
FindNextFileW
GetFileSize
SetFilePointer
SetEndOfFile
CompareFileTime
GetSystemInfo
GetProcAddress
GetModuleHandleW
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
SetUnhandledExceptionFilter
SetThreadPriority
GetCurrentThread
GetCurrentProcess
SetPriorityClass
GetModuleFileNameW
GetShortPathNameW
OpenProcess
OpenEventW
GetPrivateProfileIntW
GetPrivateProfileStringW
lstrlenW
GetCommandLineW
CreateMutexW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
QueryDosDeviceW
CreateProcessW
GetStartupInfoW
Sleep
TerminateProcess
lstrcpynW
FreeLibrary
LoadLibraryW
OutputDebugStringW
TerminateThread
FormatMessageW
CopyFileW
SystemTimeToFileTime
GetFileAttributesW
HeapFree
HeapAlloc
GetProcessHeap
InitializeCriticalSectionAndSpinCount
ReleaseMutex
CreateProcessA
GetModuleFileNameA
DebugBreak
IsDebuggerPresent
OutputDebugStringA
ReadProcessMemory
IsBadReadPtr
GetTimeFormatA
GetDateFormatA
GetSystemTime
SetFileAttributesA
GlobalFree
DeviceIoControl
GlobalAlloc
InterlockedDecrement
GetVersionExA
RtlUnwind
RaiseException
HeapReAlloc
ExitThread
CreateThread
UnhandledExceptionFilter
GetSystemTimeAsFileTime
ExitProcess
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
HeapDestroy
HeapCreate
QueryPerformanceCounter
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
FlushFileBuffers
InterlockedExchange
LoadLibraryA
GetLocaleInfoA
GetLocaleInfoW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetThreadLocale
lstrlenA
InterlockedCompareExchange
SetCurrentDirectoryW
DeleteFileW
CreateDirectoryW
RemoveDirectoryW
SetFileAttributesW
CreateFileW
SetFileTime
WideCharToMultiByte
MultiByteToWideChar
InitializeCriticalSection
ResetEvent
SetEvent
CreateEventW
WaitForSingleObject
CloseHandle
GetVersionExW
VirtualFree
VirtualAlloc
DeleteCriticalSection
WaitForMultipleObjects
LeaveCriticalSection
EnterCriticalSection
WriteFile
GetStdHandle
ReadFile
GetModuleHandleA
GetLastError
UnregisterClassA
wsprintfW
CharUpperW
MessageBoxW
LoadStringW
PostMessageW
MessageBoxA
InitializeSecurityDescriptor
GetLengthSid
InitializeAcl
GetAclInformation
GetAce
EqualSid
AddAce
AddAccessAllowedAce
SetSecurityDescriptorDacl
GetSecurityDescriptorControl
SetFileSecurityW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
GetFileSecurityW
GetSidSubAuthority
InitializeSid
GetSidLengthRequired
RegFlushKey
RegCreateKeyExW
RegSetValueExW
GetSecurityDescriptorDacl
CLSIDFromProgID
CoUninitialize
CoInitialize
CoSetProxyBlanket
CoCreateInstance
SHGetFolderPathW
ShellExecuteW
SHChangeNotify
ShellExecuteExW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetSpecialFolderPathW
VariantClear
SysAllocString
VariantInit
SysFreeString
PathFindFileNameW
PathAppendW
PathRemoveFileSpecW
PathRemoveExtensionW
PathFileExistsW
PathStripPathW
PathSkipRootW
GetProcessImageFileNameW
InternetConnectW
InternetSetOptionW
InternetOpenW
HttpSendRequestW
InternetReadFile
InternetCloseHandle
HttpOpenRequestW
MiniDumpWriteDump
recv
send
connect
socket
htons
gethostbyname
getservbyname
gethostbyaddr
inet_addr
gethostname
WSACleanup
WSAStartup
closesocket
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ