PDB path: o:\OOO320\src\automation\wntmsci12.pro\bin\simplecmmi.pdb
Static task
static1
Behavioral task
behavioral1
Sample
7205f01921168817fc2b032f9e6bdeec_JaffaCakes118.dll
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
7205f01921168817fc2b032f9e6bdeec_JaffaCakes118.dll
Resource
win10v2004-20240709-en
General
-
Target
7205f01921168817fc2b032f9e6bdeec_JaffaCakes118
-
Size
186KB
-
MD5
7205f01921168817fc2b032f9e6bdeec
-
SHA1
e2a118acb7a85e49ae9b1f1fb532cb95d69cd2a4
-
SHA256
d9ab4a01ba1974ca6f085022460b7ea1b500f002aea12fc677ca329defc32579
-
SHA512
ae47273ec0daeb875eacc2b16d40d71b3c1f2639dc05b4051f9c779d5970ca30b9ac2ad6d117bb0fb64eaac05bcc1d5266780a197e491173a68aa3b9423305ae
-
SSDEEP
3072:XyUG8NSDOcvuesPuHGuBn6qCqvEP/jawuZ0S6kA6GAQiATtw6uwx38YAy2y0h4ca:XgPDOcvuesPNuBn6d/ed0SRdATt3XMop
Malware Config
Signatures
-
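Unsigned PE (1 IoC)
Checks for a missing Authenticode signature. The sample matched, so it carries no signature that would attest to its publisher or integrity. Many legitimate binaries are also unsigned, so treat this as a weak indicator on its own and weigh it with the other findings.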
resource 7205f01921168817fc2b032f9e6bdeec_JaffaCakes118
Files
-
7205f01921168817fc2b032f9e6bdeec_JaffaCakes118.dll windows:5 windows x86 arch:x86
b2ffab81e3fe04ac8b71bc3094800cdf
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
tlmi
?SeekRel@SvStream@@QAEKJ@Z
?Flush@SvStream@@QAEXXZ
??0String@@QAE@ABVByteString@@GK@Z
??BString@@QBE?AVOUString@rtl@@XZ
?Call@Link@@QBEJPAX@Z
?WriteByteString@SvStream@@QAEAAV1@ABVByteString@@@Z
?SetBuffer@SvMemoryStream@@QAEPAXPAXKEK@Z
??1SvMemoryStream@@UAE@XZ
?FreeMemory@SvMemoryStream@@MAEXXZ
?ReAllocateMemory@SvMemoryStream@@MAEEJ@Z
?SetNumberFormatInt@SvStream@@QAEXG@Z
?AllocateMemory@SvMemoryStream@@MAEEK@Z
?RemoveMark@SvStream@@UAEXK@Z
?AddMark@SvStream@@UAEXK@Z
?IsA@SvMemoryStream@@UBEGXZ
?ResetError@SvMemoryStream@@UAEXXZ
?SetSize@SvMemoryStream@@MAEXK@Z
?FlushData@SvMemoryStream@@MAEXXZ
?SeekPos@SvMemoryStream@@MAEKK@Z
?PutData@SvMemoryStream@@MAEKPBXK@Z
?GetData@SvMemoryStream@@MAEKPAXK@Z
??5SvStream@@QAEAAV0@AAG@Z
?ReadByteString@SvStream@@QAEAAV1@AAVByteString@@@Z
?AddRef@SvRefBase@@QAEKXZ
?Append@ByteString@@QAEAAV1@ABV1@@Z
??0SvMemoryStream@@QAE@KK@Z
??0String@@QAE@ABVOUString@rtl@@@Z
??0ByteString@@QAE@ABVString@@GK@Z
??1String@@QAE@XZ
??0ByteString@@QAE@PBDG@Z
??0ByteString@@QAE@XZ
?Assign@ByteString@@QAEAAV1@ABV1@@Z
??4Time@@QAEAAV0@ABV0@@Z
?Seek@SvStream@@QAEKK@Z
??0ByteString@@QAE@ABV0@@Z
??1SvRefBase@@MAE@XZ
?QueryDelete@SvRefBase@@MAEXXZ
??0Date@@QAE@XZ
??0Time@@QAE@XZ
??0ByteString@@QAE@PBD@Z
??1ByteString@@QAE@XZ
?ReleaseReference@SvRefBase@@QAEXXZ
vos3msc
??0OInetSocketAddr@vos@@QAE@XZ
?setAddr@OInetSocketAddr@vos@@QAAEABVOUString@rtl@@@Z
?setPort@OInetSocketAddr@vos@@QAAEJ@Z
??0OConnectorSocket@vos@@QAE@W4TAddrFamily@ISocketTypes@1@W4TProtocol@31@W4TSocketType@31@@Z
?setTcpNoDelay@OSocket@vos@@QBAJJ@Z
?connect@OConnectorSocket@vos@@QAA?AW4TResult@ISocketTypes@2@ABVOSocketAddr@2@PBUTimeValue@@@Z
??1OInetSocketAddr@vos@@UAE@XZ
?getLocalHostname@OSocketAddr@vos@@SA?AW4TResult@ISocketTypes@2@AAVOUString@rtl@@@Z
?shutdown@OStreamSocket@vos@@QAAEW4TSocketDirection@ISocketTypes@2@@Z
?getLocalAddr@OSocket@vos@@QBAXAAVOSocketAddr@2@@Z
?getPeerHost@OSocket@vos@@QBA?AW4TResult@ISocketTypes@2@AAVOUString@rtl@@@Z
??2OObject@vos@@SAPAXI@Z
??0OSocketAddr@vos@@QAE@XZ
?getPeerAddr@OSocket@vos@@QBAXAAVOSocketAddr@2@@Z
?getDottedAddr@OInetSocketAddr@vos@@QBA?AW4TResult@ISocketTypes@2@AAVOUString@rtl@@@Z
?setRecvTimeout@OSocket@vos@@QAAXPBUTimeValue@@@Z
??1OMutex@vos@@UAE@XZ
??0OMutex@vos@@QAE@XZ
?getLocalHost@OSocket@vos@@QBA?AW4TResult@ISocketTypes@2@AAVOUString@rtl@@@Z
sal3
rtl_uString_acquire
rtl_uString_new
rtl_uString_release
msvcr90
??2@YAPAXI@Z
??3@YAXPAX@Z
_purecall
_encode_pointer
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_malloc_crt
free
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_except_handler4_common
_onexit
kernel32
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedCompareExchange
Sleep
InterlockedExchange
IsDebuggerPresent
Exports
Exports
??0CommonSocketFunctions@@QAE@XZ
??0CommunicationLink@@QAE@PAVCommunicationManager@@@Z
??0CommunicationLinkRef@@QAE@ABV0@@Z
??0CommunicationLinkRef@@QAE@PAVCommunicationLink@@@Z
??0CommunicationLinkRef@@QAE@XZ
??0CommunicationManager@@QAE@E@Z
??0ICommunicationManagerClient@@QAE@XZ
??0IReceiver@@QAE@XZ
??0ITransmiter@@QAE@XZ
??0InfoString@@QAE@AAVByteString@@GPAVCommunicationLink@@@Z
??0InfoString@@QAE@ABV0@@Z
??0OGuard@vos@@QAE@AAVIMutex@1@@Z
??0OUString@rtl@@QAE@ABV01@@Z
??0OUString@rtl@@QAE@XZ
??0PacketHandler@@QAE@PAVITransmiter@@PAVIReceiver@@E@Z
??0SimpleCommunicationLinkViaSocket@@IAE@PAVCommunicationManager@@PAVOStreamSocket@vos@@@Z
??0SimpleCommunicationLinkViaSocketWithReceiveCallbacks@@QAE@PAVCommunicationManager@@PAVOStreamSocket@vos@@@Z
??0SingleCommunicationManager@@QAE@E@Z
??0SingleCommunicationManagerClientViaSocket@@QAE@E@Z
??0SingleCommunicationManagerClientViaSocket@@QAE@VByteString@@KE@Z
??0TCPIO@@QAE@PAVOStreamSocket@vos@@@Z
??1CommunicationLink@@MAE@XZ
??1CommunicationLinkRef@@QAE@XZ
??1CommunicationManager@@UAE@XZ
??1IReceiver@@UAE@XZ
??1ITransmiter@@UAE@XZ
??1InfoString@@QAE@XZ
??1OGuard@vos@@UAE@XZ
??1OUString@rtl@@QAE@XZ
??1SimpleCommunicationLinkViaSocket@@MAE@XZ
??1SimpleCommunicationLinkViaSocketWithReceiveCallbacks@@UAE@XZ
??1SingleCommunicationManager@@UAE@XZ
??1SingleCommunicationManagerClientViaSocket@@UAE@XZ
??1TCPIO@@UAE@XZ
??4CommunicationLinkRef@@QAEAAV0@ABV0@@Z
??4CommunicationLinkRef@@QAEAAV0@PAVCommunicationLink@@@Z
??BCommunicationLinkRef@@QBEPAVCommunicationLink@@XZ
??CCommunicationLinkRef@@QBEPAVCommunicationLink@@XZ
??ICommunicationLinkRef@@QBEPAVCommunicationLink@@XZ
??_7CommonSocketFunctions@@6B@
??_7CommunicationLink@@6B@
??_7CommunicationManager@@6B@
??_7ICommunicationManagerClient@@6B@
??_7IReceiver@@6B@
??_7ITransmiter@@6B@
??_7OGuard@vos@@6B@
??_7PacketHandler@@6B@
??_7SimpleCommunicationLinkViaSocket@@6B@
??_7SimpleCommunicationLinkViaSocketWithReceiveCallbacks@@6B@
??_7SingleCommunicationManager@@6B@
??_7SingleCommunicationManagerClientViaSocket@@6BCommonSocketFunctions@@@
??_7SingleCommunicationManagerClientViaSocket@@6BICommunicationManagerClient@@@
??_7SingleCommunicationManagerClientViaSocket@@6BSingleCommunicationManager@@@
??_7TCPIO@@6BIReceiver@@@
??_7TCPIO@@6BITransmiter@@@
??_ETCPIO@@W7AEPAXI@Z
??_GCommunicationLink@@MAEPAXI@Z
??_GCommunicationManager@@UAEPAXI@Z
??_GIReceiver@@UAEPAXI@Z
??_GITransmiter@@UAEPAXI@Z
??_GOGuard@vos@@UAEPAXI@Z
??_GSimpleCommunicationLinkViaSocket@@MAEPAXI@Z
??_GSimpleCommunicationLinkViaSocketWithReceiveCallbacks@@UAEPAXI@Z
??_GSingleCommunicationManager@@UAEPAXI@Z
??_GSingleCommunicationManagerClientViaSocket@@UAEPAXI@Z
??_GSvMemoryStream@@UAEPAXI@Z
??_GTCPIO@@UAEPAXI@Z
??_R0?AVCommonSocketFunctions@@@8
??_R0?AVCommunicationLink@@@8
??_R0?AVCommunicationManager@@@8
??_R0?AVICommunicationManagerClient@@@8
??_R0?AVIReceiver@@@8
??_R0?AVITransmiter@@@8
??_R0?AVOGuard@vos@@@8
??_R0?AVPacketHandler@@@8
??_R0?AVSimpleCommunicationLinkViaSocket@@@8
??_R0?AVSimpleCommunicationLinkViaSocketWithReceiveCallbacks@@@8
??_R0?AVSingleCommunicationManager@@@8
??_R0?AVSingleCommunicationManagerClientViaSocket@@@8
??_R0?AVSvMemoryStream@@@8
??_R0?AVSvRefBase@@@8
??_R0?AVSvStream@@@8
??_R0?AVTCPIO@@@8
??_R17?0A@EA@IReceiver@@8
??_R1A@?0A@EA@CommonSocketFunctions@@8
??_R1A@?0A@EA@CommunicationLink@@8
??_R1A@?0A@EA@CommunicationManager@@8
??_R1A@?0A@EA@ICommunicationManagerClient@@8
??_R1A@?0A@EA@IReceiver@@8
??_R1A@?0A@EA@ITransmiter@@8
??_R1A@?0A@EA@OGuard@vos@@8
??_R1A@?0A@EA@PacketHandler@@8
??_R1A@?0A@EA@SimpleCommunicationLinkViaSocket@@8
??_R1A@?0A@EA@SimpleCommunicationLinkViaSocketWithReceiveCallbacks@@8
??_R1A@?0A@EA@SingleCommunicationManager@@8
??_R1A@?0A@EA@SingleCommunicationManagerClientViaSocket@@8
??_R1A@?0A@EA@SvMemoryStream@@8
??_R1A@?0A@EA@SvRefBase@@8
??_R1A@?0A@EA@SvStream@@8
??_R1A@?0A@EA@TCPIO@@8
??_R1DM@?0A@EA@ICommunicationManagerClient@@8
??_R1EA@?0A@EN@CommonSocketFunctions@@8
??_R2CommonSocketFunctions@@8
??_R2CommunicationLink@@8
??_R2CommunicationManager@@8
??_R2ICommunicationManagerClient@@8
??_R2IReceiver@@8
??_R2ITransmiter@@8
??_R2OGuard@vos@@8
??_R2PacketHandler@@8
??_R2SimpleCommunicationLinkViaSocket@@8
??_R2SimpleCommunicationLinkViaSocketWithReceiveCallbacks@@8
??_R2SingleCommunicationManager@@8
??_R2SingleCommunicationManagerClientViaSocket@@8
??_R2SvMemoryStream@@8
??_R2SvRefBase@@8
??_R2SvStream@@8
??_R2TCPIO@@8
??_R3CommonSocketFunctions@@8
??_R3CommunicationLink@@8
??_R3CommunicationManager@@8
??_R3ICommunicationManagerClient@@8
??_R3IReceiver@@8
??_R3ITransmiter@@8
??_R3OGuard@vos@@8
??_R3PacketHandler@@8
??_R3SimpleCommunicationLinkViaSocket@@8
??_R3SimpleCommunicationLinkViaSocketWithReceiveCallbacks@@8
??_R3SingleCommunicationManager@@8
??_R3SingleCommunicationManagerClientViaSocket@@8
??_R3SvMemoryStream@@8
??_R3SvRefBase@@8
??_R3SvStream@@8
??_R3TCPIO@@8
??_R4CommonSocketFunctions@@6B@
??_R4CommunicationLink@@6B@
??_R4CommunicationManager@@6B@
??_R4ICommunicationManagerClient@@6B@
??_R4IReceiver@@6B@
??_R4ITransmiter@@6B@
??_R4OGuard@vos@@6B@
??_R4PacketHandler@@6B@
??_R4SimpleCommunicationLinkViaSocket@@6B@
??_R4SimpleCommunicationLinkViaSocketWithReceiveCallbacks@@6B@
??_R4SingleCommunicationManager@@6B@
??_R4SingleCommunicationManagerClientViaSocket@@6BCommonSocketFunctions@@@
??_R4SingleCommunicationManagerClientViaSocket@@6BICommunicationManagerClient@@@
??_R4SingleCommunicationManagerClientViaSocket@@6BSingleCommunicationManager@@@
??_R4SvMemoryStream@@6B@
??_R4TCPIO@@6BIReceiver@@@
??_R4TCPIO@@6BITransmiter@@@
??_SSvMemoryStream@@6B@
?CalcCheckByte@PacketHandler@@AAEEK@Z
?CallConnectionClosed@CommunicationManager@@MAEXPAVCommunicationLink@@@Z
?CallConnectionClosed@SingleCommunicationManager@@MAEXPAVCommunicationLink@@@Z
?CallConnectionOpened@CommunicationManager@@MAEXPAVCommunicationLink@@@Z
?CallConnectionOpened@SingleCommunicationManager@@MAEXPAVCommunicationLink@@@Z
?CallDataReceived@CommunicationManager@@IAEXPAVCommunicationLink@@@Z
?CallInfoMsg@CommunicationLink@@IAEXVInfoString@@@Z
?CallInfoMsg@CommunicationManager@@IAEXVInfoString@@@Z
?Clear@CommunicationLinkRef@@QAEXXZ
?ConnectionClosed@CommunicationLink@@MAEJPAX@Z
?ConnectionClosed@CommunicationManager@@MAEXPAVCommunicationLink@@@Z
?ConnectionOpened@CommunicationManager@@MAEXPAVCommunicationLink@@@Z
?CreateCommunicationLink@SingleCommunicationManagerClientViaSocket@@MAEPAVCommunicationLink@@PAVCommunicationManager@@PAVOConnectorSocket@vos@@@Z
?DataReceived@CommunicationLink@@MAEJPAX@Z
?DataReceived@CommunicationManager@@MAEXPAVCommunicationLink@@@Z
?DestroyingLink@SingleCommunicationManager@@MAEXPAVCommunicationLink@@@Z
?DoReceiveDataStream@SimpleCommunicationLinkViaSocket@@IAEEXZ
?DoStartCommunication@CommonSocketFunctions@@QAEEPAVCommunicationManager@@PAVICommunicationManagerClient@@VByteString@@K@Z
?DoTransferDataStream@CommunicationLink@@MAEEPAVSvStream@@G@Z
?FinishCallback@CommunicationLink@@QAEXXZ
?GetApplication@CommunicationManager@@QAEABVByteString@@XZ
?GetBestCommunicationStream@SimpleCommunicationLinkViaSocket@@UAEPAVSvStream@@XZ
?GetCommunicationLink@SingleCommunicationManager@@UAE?AVCommunicationLinkRef@@G@Z
?GetCommunicationLinkCount@SingleCommunicationManager@@UAEGXZ
?GetCommunicationPartner@SimpleCommunicationLinkViaSocket@@UAE?AVByteString@@G@Z
?GetInfoType@CommunicationLink@@IAEGXZ
?GetInfoType@CommunicationManager@@QAEGXZ
?GetMyName@CommunicationManager@@UAE?AVByteString@@G@Z
?GetMyName@SimpleCommunicationLinkViaSocket@@UAE?AVByteString@@G@Z
?GetReceiveHeaderType@PacketHandler@@QAEGXZ
?GetReceiveProtocol@PacketHandler@@QAEGXZ
?GetServiceData@CommunicationLink@@QAEPAVSvStream@@XZ
?GetStreamSocket@SimpleCommunicationLinkViaSocket@@IAEPAVOStreamSocket@vos@@XZ
?InfoMsg@CommunicationManager@@MAEXVInfoString@@@Z
?InvalidateManager@CommunicationLink@@IAEXXZ
?Is@CommunicationLinkRef@@QBEEXZ
?IsCommunicationError@SimpleCommunicationLinkViaSocket@@UAEEXZ
?IsCommunicationRunning@CommunicationManager@@UAEEXZ
?IsLinkValid@SingleCommunicationManager@@UAEEPAVCommunicationLink@@@Z
?IsMultiChannel@CommunicationManager@@QAEEXZ
?LinkStubConnectionClosed@CommunicationLink@@KAJPAX0@Z
?LinkStubDataReceived@CommunicationLink@@KAJPAX0@Z
?ReceiveBytes@TCPIO@@UAEGPAXK@Z
?ReceiveData@PacketHandler@@QAEEAAPAXAAK@Z
?ReceiveDataStream@CommunicationLink@@UAEEXZ
?ReceiveDataStream@SimpleCommunicationLinkViaSocketWithReceiveCallbacks@@UAEEXZ
?RetryConnect@ICommunicationManagerClient@@MAEEXZ
?SendHandshake@PacketHandler@@UAEEGPBXK@Z
?SendHandshake@SimpleCommunicationLinkViaSocket@@MAEEGPAVSvStream@@@Z
?SetApplication@CommunicationLink@@UAEXABVByteString@@@Z
?SetApplication@CommunicationManager@@QAEXABVByteString@@E@Z
?SetApplication@SimpleCommunicationLinkViaSocket@@UAEXABVByteString@@@Z
?SetFinalRecieveTimeout@SimpleCommunicationLinkViaSocket@@IAEXXZ
?SetNewPacketAsCurrent@SimpleCommunicationLinkViaSocket@@IAEXXZ
?SetStreamSocket@SimpleCommunicationLinkViaSocket@@IAEXPAVOStreamSocket@vos@@@Z
?SetStreamSocket@TCPIO@@QAEXPAVOStreamSocket@vos@@@Z
?ShutdownCommunication@SimpleCommunicationLinkViaSocketWithReceiveCallbacks@@MAEEXZ
?StartCallback@CommunicationLink@@IAEXXZ
?StartCommunication@CommunicationManager@@UAEEVByteString@@K@Z
?StartCommunication@CommunicationManager@@UAEEVString@@0@Z
?StartCommunication@SingleCommunicationManagerClientViaSocket@@UAEEVByteString@@K@Z
?StartCommunication@SingleCommunicationManagerClientViaSocket@@UAEEXZ
?StopCommunication@SimpleCommunicationLinkViaSocket@@UAEEXZ
?StopCommunication@SingleCommunicationManager@@UAEEXZ
?TransferBytes@TCPIO@@UAEGPBXK@Z
?TransferData@PacketHandler@@UAEEPBXKG@Z
?TransferDataStream@CommunicationLink@@QAEEPAVSvStream@@G@Z
?WaitForShutdown@SimpleCommunicationLinkViaSocketWithReceiveCallbacks@@MAEXXZ
GetVersionInfo
Sections
.text Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 18KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
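.text Size: 151KB - Virtual size: 152KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Note: this is a second section named .text, listed after .reloc, and it is both writable and executable. At 151KB it accounts for most of the 186KB file, while the first .text section is only 11KB. A compiler-produced DLL does not normally contain such a section, so this layout suggests that code was appended to the binary after it was built (for example by a packer or a file infector). Confirm by comparing the file against a known-good copy of the same library.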