Extended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
Behavioral task
behavioral1
Sample
4fc441b162d1e169ef3ca7145fdd36a9_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
4fc441b162d1e169ef3ca7145fdd36a9_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Target
4fc441b162d1e169ef3ca7145fdd36a9_JaffaCakes118
Size
202KB
MD5
4fc441b162d1e169ef3ca7145fdd36a9
SHA1
46e83297bd1173d0ec4c91fae662e3f2a77f4ffb
SHA256
6e6dc7c19d1cab4b1fc9c3339fa966a7f1b05ce3b1f064b517e337fbae1382cd
SHA512
676d6ce1e88cfdd7fec8e7c260ee7b7cfecf6e9afff5927f6ebfb67d0c80e0bdf9d1236f79f4cf8abaaad707f64d82a7695efad28fe45ad10c33e940d3eab3f0
SSDEEP
6144:z0YhjwuTT396HSjGT7UZ5SPzcxt4lKBIFG3o+v:FhjfTTHBkc4lGVv
| resource | yara_rule |
|---|---|
| sample | upx |
Checks for missing Authenticode signature.
| resource |
|---|
| unpack001/out.upx |
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ