Behavioral task: behavioral1
Sample: 9ef9e29a93154b3c7c87191972f20f44_JaffaCakes118.exe
Resource: win7-20240508-en

General
Target: 9ef9e29a93154b3c7c87191972f20f44_JaffaCakes118
Size: 455KB
MD5: 9ef9e29a93154b3c7c87191972f20f44
SHA1: 21e9361f341c552baaba6fea8e9a63e87a591148
SHA256: 92c1617d281a547fb7dc3e086f27d268d6cb09d1477ea5087e39eb164d451d62
SHA512: 93cf0776ea78abc5c864e317016cef84b12558adb6bcca174ec8081d507db7fc0e7dddfae4e618811c0158bdbe70d805afd6a0cf5fee834fd27cdb8dc86b1a4b
SSDEEP: 12288:pTOnjV+iILZRqTPljGeZNb19En63N9020WK4AvrXYZ:y0DQjZ0YKY
Malware Config
Extracted
Family: socelars
URL: http://www.frivoloument.com/index.php/
Signatures
Files
9ef9e29a93154b3c7c87191972f20f44_JaffaCakes118.exe (windows:6 windows x86 arch:x86)
Code Sign
Certificate 13:99:8b:94:80:8c:01:75:b9:4c:67:ff:89:8e:45:bf
  Issuer: CN=Microsoft Corporation
  Not Before: 26-12-2018 02:28
  Not After: 31-12-2039 23:59
  Subject: CN=Microsoft Corporation
Certificate 25:1f:5d:98:81:82:17:2e:3c:41:9e:01:4f:b0:40:4c
  Issuer: CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN
  Not Before: 08-08-2009 01:00
  Not After: 08-08-2024 01:00
  Subject: CN=WoSign Time Stamping Signer,O=WoSign CA Limited,C=CN
  Extended Key Usages: ExtKeyUsageTimeStamping
  Key Usages: KeyUsageDigitalSignature, KeyUsageContentCommitment
Certificate 5e:68:d6:11:71:94:63:50:56:00:68:f3:3e:c9:c5:91
  Issuer: CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN
  Not Before: 08-08-2009 01:00
  Not After: 08-08-2039 01:00
  Subject: CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN
  Key Usages: KeyUsageCertSign, KeyUsageCRLSign
Signer b2:ce:de:4f:10:c2:7d:65:e7:8e:1f:0c:fe:7f:35:22:c3:12:a0:3b
  Actual PE Digest: b2:ce:de:4f:10:c2:7d:65:e7:8e:1f:0c:fe:7f:35:22:c3:12:a0:3b
  Digest Algorithm: sha1
  PE Digest Matches: true
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 624KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 445KB - Virtual size: 448KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

out.upx.exe (windows:6 windows x86 arch:x86)
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 840KB - Virtual size: 840KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.zzzstuc Size: 512B - Virtual size: 138B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.zzzstuc Size: 1024B - Virtual size: 634B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.protect Size: 512B - Virtual size: 403B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.dududu1 Size: 1024B - Virtual size: 675B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.dgdg44 Size: 512B - Virtual size: 42B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.dgdg22 Size: 512B - Virtual size: 121B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.dugdug3 Size: 1024B - Virtual size: 774B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.daada33 Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.dadaa11 Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.ddada22 Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 116KB - Virtual size: 115KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 26KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ