Extended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
Behavioral task
behavioral1
Sample
4fa74f1bb0ab41268431c8828bd0c70f_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
4fa74f1bb0ab41268431c8828bd0c70f_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Target
4fa74f1bb0ab41268431c8828bd0c70f_JaffaCakes118
Size
202KB
MD5
4fa74f1bb0ab41268431c8828bd0c70f
SHA1
cd9f4b641a73ba40e9e0a7f013614353967c3132
SHA256
bd25ff1d849febe97a26db50bb0aba543607af0ac5c441cb95982cbd5b6a9cbb
SHA512
0a94a59b0ccc04eb004b665621e09ee67976e6ca74afbe918dc6f3816f9b59e6e6339057c6363be96b8d1b6073bdedefa0e1f6c28a3aa932ce4246b60797a705
SSDEEP
6144:xiOcIXzm0+kxjqaiI6nt51zrOpw6P5b8xnMS9:xtDz+I2aiIa51Ow6J+nMS9
| resource | yara_rule |
|---|---|
| sample | upx |
Checks for missing Authenticode signature.
| resource |
|---|
| unpack001/out.upx |
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ