Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Behavioral task
behavioral1
Sample
504cdb46380144ee8d801983528c7fae_JaffaCakes118.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
504cdb46380144ee8d801983528c7fae_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Target
504cdb46380144ee8d801983528c7fae_JaffaCakes118
Size
323KB
MD5
504cdb46380144ee8d801983528c7fae
SHA1
74b6d033597186ede979e49ae26782e4918458fc
SHA256
85282479b7ac16b296339310427b72122b60b5f5efdb09c5bf1f8604b57acaca
SHA512
15fcf93b668a808f3e8ce49ca47b1d4514165a4047c901c8c8424fca7f38c4191764cb9747476c4b94582d7482e42d4d461c033f3dd52c781a8a1bb121b52697
SSDEEP
6144:u0JeoDtaoZT2VIC2GVWNbnoQXuW893NcRjB0tjtms7Xwi9J5b6D5:uAtaowd2GobnoQ+PiRYms7A20
| resource | yara_rule |
|---|---|
| sample | upx |
Checks for missing Authenticode signature.
| resource |
|---|
| unpack001/out.upx |
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ