Extended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
Behavioral task
behavioral1
Sample
788c915c5246c3a57c0146343479169a_JaffaCakes118.dll
Resource
win7-20240704-en
Target
788c915c5246c3a57c0146343479169a_JaffaCakes118
Size
219KB
MD5
788c915c5246c3a57c0146343479169a
SHA1
6f7362186ab15986559345f1c1aa4c77778d21d5
SHA256
126da9eada0a27c939d44932182ba2653ea5cc6fec6e2ea3293be306ee4eb8ce
SHA512
a65f9c9b78767b89a2f8091afe910de40f5ed79274ce71e6b0007c42b5d9d65363320a24b1f83d4d117cf4a033aa6a97e286cec5fcd2a6aecebe857221333153
SSDEEP
6144:YkHIoJQsIOUwpOKwdj0+EstgYax8qluolfAAzNWoSV:YkooKsIqL+eoeJzsoSV
Detects file using ACProtect software.
resource | yara_rule |
---|---|
sample | acprotect |
resource | yara_rule |
---|---|
sample | upx |
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageContentCommitment
ExtKeyUsageTimeStamping
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE