Extended Key Usages
ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign
Overview
overview
7Static
static
7b0c77f2434...18.exe
windows7-x64
7b0c77f2434...18.exe
windows10-2004-x64
7$PLUGINSDI...em.dll
windows7-x64
3$PLUGINSDI...em.dll
windows10-2004-x64
3$TEMP/aeac...up.exe
windows7-x64
3$TEMP/aeac...up.exe
windows10-2004-x64
3$TEMP/aeac...ata.js
windows7-x64
3$TEMP/aeac...ata.js
windows10-2004-x64
3$TEMP/aeac...x.html
windows7-x64
3$TEMP/aeac...x.html
windows10-2004-x64
3$TEMP/aeac...PIE.js
windows7-x64
3$TEMP/aeac...PIE.js
windows10-2004-x64
3$TEMP/aeac...app.js
windows7-x64
3$TEMP/aeac...app.js
windows10-2004-x64
3$TEMP/aeac...min.js
windows7-x64
3$TEMP/aeac...min.js
windows10-2004-x64
3Behavioral task
behavioral1
Sample
b0c77f243441048c1301981e2507ad5e_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
b0c77f243441048c1301981e2507ad5e_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240729-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral5
Sample
$TEMP/aeac2814-61bf-4a12-8b11-c5ea3cfa382c/Setup.exe
Resource
win7-20240704-en
Behavioral task
behavioral6
Sample
$TEMP/aeac2814-61bf-4a12-8b11-c5ea3cfa382c/Setup.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral7
Sample
$TEMP/aeac2814-61bf-4a12-8b11-c5ea3cfa382c/data.js
Resource
win7-20240704-en
Behavioral task
behavioral8
Sample
$TEMP/aeac2814-61bf-4a12-8b11-c5ea3cfa382c/data.js
Resource
win10v2004-20240802-en
Behavioral task
behavioral9
Sample
$TEMP/aeac2814-61bf-4a12-8b11-c5ea3cfa382c/index.html
Resource
win7-20240708-en
Behavioral task
behavioral10
Sample
$TEMP/aeac2814-61bf-4a12-8b11-c5ea3cfa382c/index.html
Resource
win10v2004-20240802-en
Behavioral task
behavioral11
Sample
$TEMP/aeac2814-61bf-4a12-8b11-c5ea3cfa382c/web/css/PIE.js
Resource
win7-20240705-en
Behavioral task
behavioral12
Sample
$TEMP/aeac2814-61bf-4a12-8b11-c5ea3cfa382c/web/css/PIE.js
Resource
win10v2004-20240802-en
Behavioral task
behavioral13
Sample
$TEMP/aeac2814-61bf-4a12-8b11-c5ea3cfa382c/web/js/app.js
Resource
win7-20240704-en
Behavioral task
behavioral14
Sample
$TEMP/aeac2814-61bf-4a12-8b11-c5ea3cfa382c/web/js/app.js
Resource
win10v2004-20240802-en
Behavioral task
behavioral15
Sample
$TEMP/aeac2814-61bf-4a12-8b11-c5ea3cfa382c/web/js/formcontrols.min.js
Resource
win7-20240704-en
Behavioral task
behavioral16
Sample
$TEMP/aeac2814-61bf-4a12-8b11-c5ea3cfa382c/web/js/formcontrols.min.js
Resource
win10v2004-20240802-en
Target
b0c77f243441048c1301981e2507ad5e_JaffaCakes118
Size
370KB
MD5
b0c77f243441048c1301981e2507ad5e
SHA1
125b1783102aad15a09df672df6b11348080f787
SHA256
c149e713939d27041fb26bb9de73c7c0f57af56a66bec0620952188cdcf9f192
SHA512
553da8b271f64c61365006806728dfaae7a0867fe18abf251f1e0a4ca284b981fed6cda0f3798d4534a6ac768a14b6bd4594e2d51f2b2a0e7e53d4ede605825a
SSDEEP
6144:+JS29KBlXDmJL09V73/8ZIgeqDIsiF9LBWTG7Y/nvQ5eUCG4Zyt/LCQVgFj0yJ:Yj9KTmJL8pWqK+6TcY/CAlYt/WQmTJ
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
unpack001/$PLUGINSDIR/System.dll |
unpack001/$TEMP/aeac2814-61bf-4a12-8b11-c5ea3cfa382c/Setup.exe |
unpack001/out.upx |
resource | yara_rule |
---|---|
static1/unpack001/out.upx | nsis_installer_2 |
ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect
wsprintfA
StringFromGUID2
CLSIDFromString
Alloc
Call
Copy
Free
Get
Int64Op
Store
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ