Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Behavioral task
behavioral1
Sample
ffef67e6b2dd82b6e9c29ea704c7b94f_JaffaCakes118.exe
Resource
win7-20240704-en
Target
ffef67e6b2dd82b6e9c29ea704c7b94f_JaffaCakes118
Size
556KB
MD5
ffef67e6b2dd82b6e9c29ea704c7b94f
SHA1
de5dc2cd89a495b756b14173de3d9dc3aa7c6335
SHA256
8672f47b5258edd6fbb3cf04fca918f3c35d5d05402688f8ce93ac7817e4905b
SHA512
0dac5df4d30842b2ccd21923cac2ba5c05b9fd032814c3a27a07db3cdcb2666870e293d5606c885735ddac7eae5e51162666abdb232baa378f4345ef797621cc
SSDEEP
12288:bGMecf+Nmyspn+6Sw6GgxCQZr3ASrH/9J62I5/wRRE6Vgd45ooLP8HjMMrL:bGZcmNmyTZGgxCs31b62AoRRE6ud455U
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
resource |
---|
unpack001/out.upx |
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ