Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
Behavioral task
behavioral1
Sample
JaffaCakes118_5c2bd9b7bc789a589cd2bc2581df13da.exe
Resource
win7-20241010-en
Target
JaffaCakes118_5c2bd9b7bc789a589cd2bc2581df13da
Size
548KB
MD5
5c2bd9b7bc789a589cd2bc2581df13da
SHA1
5238546f19e2690460a72fb8c7eaf1d72fac7514
SHA256
2b3bcce21fb639981c04cfe6762ca7c2c7a85252c98636558562b574334e0d0d
SHA512
48ff2a88eab997edc87e3063f8361c42fea55d7d3606d278f5ae756f0d7e14bbacb9c5ffb0990deec546de8bea1e4e621465ec97eb81b57fb8a57e626eb46ce0
SSDEEP
12288:axXkMRMVb4eMPAMjJy08J4UAT0OZMCL4LL9R1ctiYMMyw:a9kMR6EZTVbu4US0OmvL9PXYMMyw
| resource | yara_rule |
|---|---|
| sample | upx |
Checks for missing Authenticode signature.
| resource |
|---|
| unpack001/out.upx |
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ