Extended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
Behavioral task
behavioral1
Sample
95d1fddb6cb5de4241b547c1f684675f_JaffaCakes118.exe
Resource
win7-20240704-en
Target
95d1fddb6cb5de4241b547c1f684675f_JaffaCakes118
Size
591KB
MD5
95d1fddb6cb5de4241b547c1f684675f
SHA1
64b35018b467a97ac7b71b985f8bf75c8f5d9c19
SHA256
59ace4cc4e3ca9acc72a5fd8a2e16b256e63a45f48de3f47bbfe36b2c6c4230d
SHA512
edc95a700b089b6a5840eff060c3bbc69709c95c8f0622e57195f122bdd6884076821433dbb8984142aa15d43ab2854d7581732ee01cd16b83cb5490cf36cbd9
SSDEEP
12288:n8CmFo249iRVFD4Ez+q/uiGIUx9Z/W37NqCWaypPe2qh:n8PCP9iRXdz+qdGIU7J8NqCWzpPXqh
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
unpack001/out.upx |
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ