Extended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
Behavioral task
behavioral1
Sample
833c5cd48a11db403f8760353a963490_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
833c5cd48a11db403f8760353a963490_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Target
833c5cd48a11db403f8760353a963490_JaffaCakes118
Size
202KB
MD5
833c5cd48a11db403f8760353a963490
SHA1
628bf36b213ccacd59865aa80ea1aba98bf2c1d9
SHA256
9c46b98fb7fab8cc650e446c0ed276ecb86c360241ffd9a11257e370eecf130a
SHA512
158b19a7603129887ca25f8c838673c383ad50eb8b03e3c873cbc990858028b09758fb0977798dccb094ddfd508033c042910d080953a6c1f1a29638d95ff36d
SSDEEP
3072:11lgKarBjCfYJ2Gkwf+uthTGF/Pke0A9Xoi+eMHZV4WoA65AcM6vQwQAEnd:11mKx+dtE5PkuXohHZVFr65rQAi
| resource | yara_rule |
|---|---|
| sample | upx |
Checks for missing Authenticode signature.
| resource |
|---|
| unpack001/out.upx |
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ