Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
Behavioral task
behavioral1
Sample
4d74f802cdb0a619ced97c941393e2c4_JaffaCakes118.dll
Resource
win7-20240708-en
Target
4d74f802cdb0a619ced97c941393e2c4_JaffaCakes118
Size
158KB
MD5
4d74f802cdb0a619ced97c941393e2c4
SHA1
a29625885d28cb928b504f8446118c86f100e43e
SHA256
460154eafaca40bfdca3fc456d623baaffa39eec63d3d0ba4d2f2c1044e7d82d
SHA512
770be8a936707d84b8c725e7b3d308ac2fabc423f6f9e8b40b5671db75f95603f57f1b9ab38c8e9e10b2f7abab1e017248e42bd1f34560aeef57b3af07ba7932
SSDEEP
3072:o0/y8vBRbrYWNTVk3fZFpwaBDe/QolX93fPcsm1J5Xa+aTKJC:o0/DJdYWuJs/ltcpXaJTKo
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageContentCommitment
ExtKeyUsageTimeStamping
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE