e16af610d0943fa2dc3ffe2136de2e70_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e16af610d0943fa2dc3ffe2136de2e70_JaffaCakes118
Size

613KB
MD5

e16af610d0943fa2dc3ffe2136de2e70
SHA1

3665c570c32a7ac5b68537d481cbb16b1289c6fd
SHA256

cb1d15f1806d6b1df55b601751c53109ca704bd97dbf6d4301120a36f48e1b0f
SHA512

dfed4bea97966b6a9d2bba71d51b38984f21d807108d621a8b7a216b2fcff85618a307932e9e2792e116b9c141be437b40d171bc36cb0db319f2528a6b3153e9
SSDEEP

12288:b63lzjvg0jj2SnrPErP3Fh3co7Jf9J86VMprrBXI/tMQQqBHOBlZrl6gR:G1zbgIj2AgxCsJLB0qQqAl76gR

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/AimFall_12_1_2020/ProjectInfinityInjector.exe
unpack001/AimFall_12_1_2020/aimfall.dll

Files

e16af610d0943fa2dc3ffe2136de2e70_JaffaCakes118
.rar
AimFall_12_1_2020/Legit.aimfall
AimFall_12_1_2020/ProjectInfinityInjector.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\source\repos\ProjectInfinityInjector\ProjectInfinityInjector\obj\Release\ProjectInfinityInjector.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 149KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
AimFall_12_1_2020/Rage.aimfall
AimFall_12_1_2020/aimfall.dll
.dll windows:6 windows x86 arch:x86

07e658fd39b47ca394d0314868afa831

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateDirectoryA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetModuleHandleW
GetProcAddress
GetStdHandle
SetStdHandle
Sleep
GetCurrentProcess
GetCurrentProcessId
VirtualProtect
QueryPerformanceCounter
QueryPerformanceFrequency
MultiByteToWideChar
GlobalUnlock
GlobalLock
CreateThread
DisableThreadLibraryCalls
WriteConsoleW
SetEndOfFile
HeapSize
CreateFileW
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetTickCount
GlobalAlloc
GetModuleHandleA
GetLastError
WideCharToMultiByte
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
LCMapStringW
GetStringTypeW
GetCPInfo
CloseHandle
SetEvent
ResetEvent
WaitForSingleObjectEx
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetCurrentThreadId
InitializeSListHead
TerminateProcess
RtlUnwind
RaiseException
InterlockedFlushSList
FreeLibrary
LoadLibraryExW
ReadFile
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
HeapFree
HeapAlloc
GetFileType
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetFileSizeEx
HeapReAlloc

user32

GetAsyncKeyState
FindWindowA
CallWindowProcA
EmptyClipboard
GetClipboardData
SetClipboardData
CloseClipboard
OpenClipboard
SetCursor
GetClientRect
GetKeyState
SetWindowLongA
FlashWindowEx

d3dx9_43

D3DXCreateTextureFromFileInMemoryEx

imm32

ImmGetContext
ImmSetCompositionWindow

Sections

.text
Size: 461KB - Virtual size: 460KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 348KB - Virtual size: 348KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 5.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 149KB - Virtual size: 149KB

.rsrc Size: 101KB - Virtual size: 100KB

.reloc Size: 512B - Virtual size: 12B

07e658fd39b47ca394d0314868afa831

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

d3dx9_43

imm32

Sections

.text Size: 461KB - Virtual size: 460KB

.rdata Size: 348KB - Virtual size: 348KB

.data Size: 136KB - Virtual size: 5.5MB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 23KB - Virtual size: 23KB

.text
Size: 149KB - Virtual size: 149KB

.rsrc
Size: 101KB - Virtual size: 100KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 461KB - Virtual size: 460KB

.rdata
Size: 348KB - Virtual size: 348KB

.data
Size: 136KB - Virtual size: 5.5MB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 23KB - Virtual size: 23KB