Extended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
Behavioral task
behavioral1
Sample
4aedccb886b357f3955cf92257e84b91_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
4aedccb886b357f3955cf92257e84b91_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Target
4aedccb886b357f3955cf92257e84b91_JaffaCakes118
Size
201KB
MD5
4aedccb886b357f3955cf92257e84b91
SHA1
70f7f9b832d853df1b79a26bd45de80af4f7744e
SHA256
75faeae78c77e0b0be5d2b90389b3d9ed92fb4f4fc0dea38f5c39fe18a1b502b
SHA512
3470c3d8f8e9462351995dc5d8e9ae17b065dafb9d29674d8aa45224b4f3391649274622c67e798049b308438b9ddc434edecd616f47bb129ccf1131c18ed07a
SSDEEP
6144:hD2JXPXyZe2sgp76QGfHCIjEcqRT++ibBH/:d2J/oEHCIjEP+RbBf
| resource | yara_rule |
|---|---|
| sample | upx |
Checks for missing Authenticode signature.
| resource |
|---|
| unpack001/out.upx |
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ