Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Behavioral task
behavioral1
Sample
4b5167c1ded8f5a8c389c5dcb6a3841d_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
4b5167c1ded8f5a8c389c5dcb6a3841d_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Target
4b5167c1ded8f5a8c389c5dcb6a3841d_JaffaCakes118
Size
205KB
MD5
4b5167c1ded8f5a8c389c5dcb6a3841d
SHA1
c9c34a8eec7faab524c5afb67112af1f335abd44
SHA256
32357476968b4bf480723e2ab2fca63480f04db7b0e8878830c3918c0b34790f
SHA512
9f49f98be6a8ce2c02ef8f9e04b58bf7d31b2d1785a24cf7aa377cd836d2b5c948808c29a7ac25a345e20d066cd0bf5c7a03ca703dc03c38a41a1af39fbd9942
SSDEEP
6144:oKqQGZ33GYS29XS3FsJeYFLJ5c2uc0RWt3RNh:Hq1Z3S2WoJtuXWtBj
| resource | yara_rule |
|---|---|
| sample | upx |
Checks for missing Authenticode signature.
| resource |
|---|
| unpack001/out.upx |
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ