Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
Static task
static1
Behavioral task
behavioral1
Sample
KeyGen.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
KeyGen.exe
Resource
win10v2004-20240704-en
Behavioral task
behavioral3
Sample
dfxInstall-JRiver-8349.exe
Resource
win7-20240708-en
Behavioral task
behavioral4
Sample
dfxInstall-JRiver-8349.exe
Resource
win10v2004-20240704-en
Behavioral task
behavioral5
Sample
安装说明.url
Resource
win7-20240704-en
Behavioral task
behavioral6
Sample
安装说明.url
Resource
win10v2004-20240704-en
Target
300b9b71f4c18473c9aeb5fbcdf2723a_JaffaCakes118
Size
1.3MB
MD5
300b9b71f4c18473c9aeb5fbcdf2723a
SHA1
fdd5d2f000e0a6ae247e847ed1c488a88f746b69
SHA256
98a86e2a6369127a961bf6f9b5836c4e938e7a30abe54e8a7da6d202ce8594f3
SHA512
abb5336c0348e2d5990a296760014c683d01585c768dee7880d378d77a78c16b9f6af3ec01ef89ef59511009079cd69e60f45f598278187d90a34ed15dadcf41
SSDEEP
24576:RM8mTpmtfACC6kg6LiZMM1VV3LDNmBXSiaDTniYeg91MXN1YC5nlfPnPPPUd1EFJ:ImhACC7gzZMsoXravniY79a4+nlfPnPZ
Checks for missing Authenticode signature.
resource |
---|
unpack001/KeyGen.exe |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
GetKeyboardType
RegQueryValueExA
VariantChangeTypeEx
SetTextColor
waveOutGetPosition
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ExtKeyUsageTimeStamping
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageContentCommitment
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
WSACleanup
WSAStartup
socket
htons
connect
WSAAsyncSelect
WSAGetLastError
shutdown
recv
setsockopt
send
closesocket
ioctlsocket
gethostbyname
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
GetVersionExA
lstrcmpiA
lstrcatA
lstrcpyA
lstrlenA
_lwrite
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
_lclose
GetProcAddress
LoadLibraryA
_lcreat
GetPrivateProfileStringA
GetPrivateProfileIntA
GlobalLock
GlobalAlloc
GlobalFree
GlobalUnlock
WritePrivateProfileStringA
GetSystemDirectoryA
GetTempFileNameA
GetTempPathA
FreeLibrary
DeleteFileA
_llseek
lstrcmpA
_lread
GetCommandLineA
CloseHandle
GetFileTime
CreateFileA
FreeResource
LockResource
LoadResource
SizeofResource
FindResourceA
GetFileAttributesA
ExitProcess
_lopen
GetExitCodeProcess
WaitForSingleObject
GetModuleFileNameA
CreateDirectoryA
SetErrorMode
MulDiv
GetUserDefaultLangID
SetCurrentDirectoryA
GetCurrentProcess
ExpandEnvironmentStringsA
Sleep
GetFileSize
SetEnvironmentVariableA
GetModuleHandleA
lstrcpynA
DispatchMessageA
TranslateMessage
PeekMessageA
wsprintfA
GetDC
MessageBoxA
DestroyWindow
CharNextA
LoadStringA
SendMessageA
GetDlgItem
EnumChildWindows
ReleaseDC
EndDialog
GetDlgItemTextA
SetWindowTextA
SetDlgItemTextA
CreateDialogParamA
ExitWindowsEx
EnableWindow
ShowWindow
SetTimer
DialogBoxParamA
GetDeviceCaps
DeleteObject
CreateFontA
RegCreateKeyExA
RegDeleteValueA
RegEnumValueA
OpenSCManagerA
CloseServiceHandle
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegQueryValueExA
RegSetValueExA
RegQueryValueA
RegOpenKeyExA
RegCloseKey
ShellExecuteExA
_LanguageDlg@16
_PasswordDlg@16
_ProgressDlg@16
_UpdateCRC@8
_t1@40
_t2@12
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ