Extended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
Behavioral task
behavioral1
Sample
4f072f0f957935fd83c60c8e55d4d39f_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
4f072f0f957935fd83c60c8e55d4d39f_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Target
4f072f0f957935fd83c60c8e55d4d39f_JaffaCakes118
Size
200KB
MD5
4f072f0f957935fd83c60c8e55d4d39f
SHA1
218c10850c231c3da66eb877d3f081fd802f3e4a
SHA256
c4b5e9280a81f6f8d1d4784e7fc2aac2e42ca0b76e58c9ab02ed8c2f491eee28
SHA512
73cc473a451d3a614300b410d15c96a3082b143d750e8cbf41738dc5b23ffc030ada7358d68307017a1a5629bf841f1adad7092f43d037cd3f5dd855dcc1368c
SSDEEP
6144:OhhQmXTdpmQmaax/45v1oxVtAAoLie/Nukk:O7Tdpmxa4/YW/avGkk
| resource | yara_rule |
|---|---|
| sample | upx |
Checks for missing Authenticode signature.
| resource |
|---|
| unpack001/out.upx |
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ