Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Behavioral task
behavioral1
Sample
4f22b422cc4437d13e1b90aad3dc3b36_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
4f22b422cc4437d13e1b90aad3dc3b36_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Target
4f22b422cc4437d13e1b90aad3dc3b36_JaffaCakes118
Size
205KB
MD5
4f22b422cc4437d13e1b90aad3dc3b36
SHA1
b1bf1422351a2d20f34f77f6575ee4df1231ca6f
SHA256
578d83ce82940424b4a6e44cdd9324c2bdd44028311ce7e2afdc4a0da3ec188b
SHA512
6f335c6a48d0a7a2297ba73aa9c443acade60d04322901365cb96f426c476d75e995681c4faf014ae228b3639971ea29d6a5d7ae72944c89f86bbdec0d70a2ef
SSDEEP
6144:FvZ2IZbgekfZLlGGKZp+s8ohYRNudNI6czXVRG6:FvZ1bge0LMPjpORN8I3VRG6
| resource | yara_rule |
|---|---|
| sample | upx |
Checks for missing Authenticode signature.
| resource |
|---|
| unpack001/out.upx |
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ