Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Behavioral task
behavioral1
Sample
4f523f8d875eca608e5fdb2f0499c336_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
4f523f8d875eca608e5fdb2f0499c336_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Target
4f523f8d875eca608e5fdb2f0499c336_JaffaCakes118
Size
241KB
MD5
4f523f8d875eca608e5fdb2f0499c336
SHA1
d649ec424e4c50932b2a4026583ddb83bc77efd9
SHA256
3505efbc5e68246d8c30b74bf13a3b80bf2517fd3c1728d77cb9deb17c1c4306
SHA512
73204dd608361a144f19c5d505c68b4380f3c6def373fce82e356df40b6585628386a30ed1ce164072a19dde8519d375ea7aca37848df7156d2fe190fe0e159e
SSDEEP
6144:F7n5WPqr2GTsNs7tbYvAWjVYjAmAcV7aklBnDGJ5vDt:F7n5WPqFsNU8XV2PaklBnD6Dt
| resource | yara_rule |
|---|---|
| sample | upx |
Checks for missing Authenticode signature.
| resource |
|---|
| unpack001/out.upx |
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ