General

  • Target

    26f56f96faacbb2c3830b87eabf95711_JaffaCakes118

  • Size

    4.1MB

  • MD5

    26f56f96faacbb2c3830b87eabf95711

  • SHA1

    e7f693658970d276a0a3d9e6e266c654ed3e8aa1

  • SHA256

    b658ac8e4704e00835796b89d044846b849ad17891757b392e21fe7593cd148a

  • SHA512

    c851fc21baba83224d330554bc1d2d6f41bf5ea0991ae1841dd8aa90c9d0ee8c1ad3c70482fa6c95cf7590929867f1e19eb868998e1c941f49fc9097c9f7b762

  • SSDEEP

    98304:Pj+2GP6aNT8bn19nJmS69w3qe+OjYTkRzZzQt2VoOHSUpZ8tSISXvi4WQU:L+3xNT8bn19nz69weoqcZzQtMPSUpZ8P

Score
7/10

Malware Config

Signatures

  • ASPack v2.12-2.42 2 IoCs

    Detects executables packed with ASPack v2.12-2.42

  • Unsigned PE 4 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 1 IoCs

Files

  • 26f56f96faacbb2c3830b87eabf95711_JaffaCakes118
    .rar
  • setup.exe
    .exe windows:4 windows x86 arch:x86

    18b26e3ef7317852fa83fde4ebd910ac



  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    57354bdeea3dfae6e948101add87501a



  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    4ec328f99bdd944fc98d8a5cf11f7a62



  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/options.ini
  • $PLUGINSDIR/userorg.ini
  • AC_words.txt
  • Boxer Website.url
  • Boxer.chm
    .chm
  • Boxer12.ico
  • BoxerCalc.exe
    .exe windows:1 windows x86 arch:x86



  • Built By Boxer.gif
    .gif
  • Buy Boxer.url
  • Ctags/COPYING
  • Ctags/README
  • Ctags/ctags.exe
    .exe windows:4 windows x86 arch:x86

    4193f3f57d6cfdd2c70ff37f6b85548c



  • Ctags/ec56w32.zip
    .zip
  • ctags56/.mk_mvc.mak.swp
  • ctags56/COPYING
  • ctags56/EXTENDING.html
  • ctags56/FAQ
    .vbs
  • ctags56/INSTALL.oth
  • ctags56/NEWS
  • ctags56/README
  • ctags56/argproc.c
    .vbs
  • ctags56/args.c
    .vbs
  • ctags56/args.h
    .vbs
  • ctags56/asm.c
    .vbs
  • ctags56/asp.c
    .vbs
  • ctags56/awk.c
    .vbs
  • ctags56/beta.c
    .vbs
  • ctags56/c.c
  • ctags56/cobol.c
    .vbs
  • ctags56/ctags.1
  • ctags56/ctags.exe
    .exe windows:4 windows x86 arch:x86

    4193f3f57d6cfdd2c70ff37f6b85548c



  • ctags56/ctags.h
    .vbs
  • ctags56/ctags.html
  • ctags56/ctags.lsm
  • ctags56/debug.c
    .vbs
  • ctags56/debug.h
    .vbs
  • ctags56/e_amiga.h
  • ctags56/e_djgpp.h
  • ctags56/e_mac.h
    .vbs
  • ctags56/e_msoft.h
  • ctags56/e_os2.h
  • ctags56/e_qdos.h
  • ctags56/e_riscos.h
  • ctags56/e_vms.h
  • ctags56/eiffel.c
    .vbs
  • ctags56/entry.c
    .vbs
  • ctags56/entry.h
    .vbs
  • ctags56/erlang.c
    .vbs
  • ctags56/fortran.c
    .vbs
  • ctags56/general.h
    .vbs
  • ctags56/get.c
    .vbs
  • ctags56/get.h
    .vbs
  • ctags56/html.c
    .vbs
  • ctags56/jscript.c
    .vbs
  • ctags56/keyword.c
    .vbs
  • ctags56/keyword.h
    .vbs
  • ctags56/lisp.c
    .vbs
  • ctags56/lregex.c
    .vbs
  • ctags56/lua.c
    .vbs
  • ctags56/mac.c
    .vbs
  • ctags56/main.c
    .vbs
  • ctags56/main.h
    .vbs
  • ctags56/make.c
    .vbs
  • ctags56/mk_bc3.mak
  • ctags56/mk_bc5.mak
  • ctags56/mk_djg.mak
  • ctags56/mk_manx.mak
  • ctags56/mk_ming.mak
  • ctags56/mk_mpw.mak
    .vbs
  • ctags56/mk_mvc.mak
  • ctags56/mk_os2.mak
  • ctags56/mk_qdos.mak
  • ctags56/mk_sas.mak
  • ctags56/options.c
    .vbs
  • ctags56/options.h
    .vbs
  • ctags56/parse.c
    .vbs
  • ctags56/parse.h
    .vbs
  • ctags56/parsers.h
    .vbs
  • ctags56/pascal.c
    .vbs
  • ctags56/perl.c
    .vbs
  • ctags56/php.c
    .vbs
  • ctags56/python.c
    .vbs
  • ctags56/qdos.c
    .vbs
  • ctags56/read.c
    .vbs
  • ctags56/read.h
    .vbs
  • ctags56/readtags.c
    .vbs
  • ctags56/readtags.h
    .vbs
  • ctags56/rexx.c
    .vbs
  • ctags56/routines.c
    .vbs
  • ctags56/routines.h
    .vbs
  • ctags56/ruby.c
    .vbs
  • ctags56/scheme.c
    .vbs
  • ctags56/sh.c
    .vbs
  • ctags56/slang.c
  • ctags56/sml.c
    .vbs
  • ctags56/sort.c
    .vbs
  • ctags56/sort.h
    .vbs
  • ctags56/source.mak
  • ctags56/sql.c
    .vbs
  • ctags56/strlist.c
    .vbs
  • ctags56/strlist.h
    .vbs
  • ctags56/tcl.c
    .vbs
  • ctags56/verilog.c
    .vbs
  • ctags56/vim.c
    .vbs
  • ctags56/vstring.c
    .vbs
  • ctags56/vstring.h
    .vbs
  • ctags56/yacc.c
    .vbs
  • English.dct
  • Keyboard Layouts/Brief.kbd
  • Keyboard Layouts/C++ Builder.kbd
  • Keyboard Layouts/CodeWright.kbd
  • Keyboard Layouts/Delphi.kbd
  • Keyboard Layouts/NoteTab.kbd
  • Keyboard Layouts/SlickEdit.kbd
  • Keyboard Layouts/TextPad.kbd
  • Keyboard Layouts/UltraEdit.kbd
  • Keyboard Layouts/Visual C++.kbd
  • Keyboard Layouts/WinEdit.kbd
  • Keyboard Layouts/boxerWIN.kbd
  • Keyboard Layouts/boxerdos.kbd
  • Keyboard Layouts/boxeros2.kbd
  • Keyboard Layouts/boxertko.kbd
  • Macros/ExampleAddBlankLineAfterParas.bm
  • Macros/ExampleApplyHTML.bm
  • Macros/ExampleComputeDeposit.bm
  • Macros/ExampleDates.bm
  • Macros/ExampleDeleteBlankLines.bm
  • Macros/ExampleDoubleSpace.bm
  • Macros/ExampleExtractEmailAddresses.bm
  • Macros/ExampleGoogle.bm
  • Macros/ExampleObfuscateHTML.bm
  • Macros/ExamplePrepareTitle.bm
  • Macros/ExampleReduceBlankLines.bm
  • Macros/ExampleReformatAlternate.bm
  • Macros/ExampleReverseNames.bm
  • Macros/ExampleSong.bm
  • Macros/ExampleTime.bm
  • Macros/ExampleUpperCaseSelection.bm
  • New Syntax.ini
    .vbs
  • NewInfo12.shl
  • Projects/Example.bp
  • Template.ini
  • User Lists/User List 1.txt
  • User Lists/User List 2.txt
  • User Lists/User List 3.txt
  • User Lists/User List 4.txt
  • User Lists/User List 5.txt
  • User Lists/User List 6.txt
  • User Lists/User List 7.txt
  • What's New.txt
  • b.exe
    .exe windows:1 windows x86 arch:x86



  • uninst.exe.nsis
  • 下载说明.htm
    .html .js polyglot
  • 安装说明.txt
  • 非常世纪资源网.url
    .url