ConnectToMobile
DisconnectToMobile
InitMobile
IsBusy
IsConnected
ReadSMS
SendSMS
SetSMC
General
-
Target
94f90e86f0a7c04dcdfa5a0fef1fe471_JaffaCakes118
-
Size
1015KB
-
MD5
94f90e86f0a7c04dcdfa5a0fef1fe471
-
SHA1
78e06907091b0792cd0aebe914ffc01367b22c1a
-
SHA256
eeb8aed3568bf129dbb515163b15d078e90d3b13b0460089689ab756b22bad1e
-
SHA512
d3321c7a9e69c52936ed807a43e693d614c114b0ec9fc56612133181563410af163c40e481ac10236c25c12e29d637c3e33252db895e6ea5fdc91d51143b4f96
-
SSDEEP
24576:Amhtiy6gWfxX4miceYBDkZ74ZuDYeNRPnknY4bEYZ6/t:Amhtiy64WtBusuMeNpL
Score
7/10
Malware Config
Signatures
-
ACProtect 1.3x - 1.4x DLL software 1 IoCs
Detects file using ACProtect software.
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
94f90e86f0a7c04dcdfa5a0fef1fe471_JaffaCakes118
-
30403098/byxj/ControlParameter.DB
-
30403098/byxj/DBDWORK.INI
-
30403098/byxj/DLLReadme.txt
-
30403098/byxj/about.dcu
-
30403098/byxj/about.dfm
-
30403098/byxj/about.pas
-
30403098/byxj/about.~dfm
-
30403098/byxj/about.~pas
-
30403098/byxj/adduser.dcu
-
30403098/byxj/adduser.dfm
-
30403098/byxj/adduser.pas
-
30403098/byxj/adduser.~dfm
-
30403098/byxj/adduser.~pas
-
30403098/byxj/bmxg.dcu
-
30403098/byxj/bmxg.dfm
-
30403098/byxj/bmxg.pas
-
30403098/byxj/bmxg.~dfm
-
30403098/byxj/bmxg.~pas
-
30403098/byxj/changepawd.dcu
-
30403098/byxj/changepawd.dfm
-
30403098/byxj/changepawd.pas
-
30403098/byxj/changepawd.~dfm
-
30403098/byxj/changepawd.~pas
-
30403098/byxj/cp.dcu
-
30403098/byxj/cp.dfm
-
30403098/byxj/cp.pas
-
30403098/byxj/cp.~dfm
-
30403098/byxj/cp.~pas
-
30403098/byxj/dl.dcu
-
30403098/byxj/dl.dfm
-
30403098/byxj/dl.pas
-
30403098/byxj/dl.~dfm
-
30403098/byxj/dl.~pas
-
30403098/byxj/gzdx.dcu
-
30403098/byxj/gzdx.dfm
-
30403098/byxj/gzdx.pas
-
30403098/byxj/gzdx.~dfm
-
30403098/byxj/gzdx.~pas
-
30403098/byxj/gzdxb.DB
-
30403098/byxj/gzdxb.PX
-
30403098/byxj/gzzmxg.dcu
-
30403098/byxj/gzzmxg.dfm
-
30403098/byxj/gzzmxg.pas
-
30403098/byxj/gzzmxg.~dfm
-
30403098/byxj/gzzmxg.~pas
-
30403098/byxj/jbcsb.DB
-
30403098/byxj/jbcsb.PX
-
30403098/byxj/kjcsb.DB
-
30403098/byxj/kjcsb.PX
-
30403098/byxj/llygzzxx.dcu
-
30403098/byxj/llygzzxx.dfm
-
30403098/byxj/llygzzxx.pas
-
30403098/byxj/llygzzxx.~dfm
-
30403098/byxj/llygzzxx.~pas
-
30403098/byxj/main.dcu
-
30403098/byxj/main.dfm
-
30403098/byxj/main.pas
-
30403098/byxj/main.~dfm
-
30403098/byxj/main.~pas
-
30403098/byxj/month11
-
30403098/byxj/pic/17.ico
-
30403098/byxj/pic/20.ico
-
30403098/byxj/pic/23.ico
-
30403098/byxj/pic/26.ico
-
30403098/byxj/pic/27.ico
-
30403098/byxj/pic/31.ico
-
30403098/byxj/pic/35.ico
-
30403098/byxj/pic/37.ico
-
30403098/byxj/pic/40.ico
-
30403098/byxj/pic/43.ico
-
30403098/byxj/pic/47.ico
-
30403098/byxj/pic/50.ico
-
30403098/byxj/pic/51.ico
-
30403098/byxj/pic/Find.ico
-
30403098/byxj/pic/Help.ico
-
30403098/byxj/pic/Shut Down.ico
-
30403098/byxj/pic/close.bmp
-
30403098/byxj/pic/excel.bmp
-
30403098/byxj/pic/exit.bmp
-
30403098/byxj/pic/exit1.bmp
-
30403098/byxj/pic/find.bmp
-
30403098/byxj/pic/find2.ico
-
30403098/byxj/pic/mobilephone.bmp
-
30403098/byxj/pic/print.bmp
-
30403098/byxj/pic/start.bmp
-
30403098/byxj/pic/start.jpg
-
30403098/byxj/pic/tj.bmp
-
30403098/byxj/pic/ydbz.ico
-
30403098/byxj/pub.dcu
-
30403098/byxj/pub.pas
-
30403098/byxj/pub.~pas
-
30403098/byxj/rsgl.dcu
-
30403098/byxj/rsgl.dfm
-
30403098/byxj/rsgl.pas
-
30403098/byxj/rsgl.~dfm
-
30403098/byxj/rsgl.~pas
-
30403098/byxj/rsqkqxfs.dcu
-
30403098/byxj/rsqkqxfs.dfm
-
30403098/byxj/rsqkqxfs.pas
-
30403098/byxj/rsqkqxfs.~dfm
-
30403098/byxj/rsqkqxfs.~pas
-
30403098/byxj/rybb.dcu
-
30403098/byxj/rybb.dfm
-
30403098/byxj/rybb.pas
-
30403098/byxj/rybb.~dfm
-
30403098/byxj/rybb.~pas
-
30403098/byxj/smslib.dll
Headers
Exports
Sections
-
30403098/byxj/sqlnet.log
-
30403098/byxj/staffinfo.DB
-
30403098/byxj/staffinfo.PX
-
30403098/byxj/start.dcu
-
30403098/byxj/start.dfm
-
30403098/byxj/start.pas
-
30403098/byxj/start.~dfm
-
30403098/byxj/start.~pas
-
30403098/byxj/wait_cx.dcu
-
30403098/byxj/wait_cx.dfm
-
30403098/byxj/wait_cx.pas
-
30403098/byxj/wait_cx.~dfm
-
30403098/byxj/wait_cx.~pas
-
30403098/byxj/wait_tscx.dcu
-
30403098/byxj/wait_tscx.dfm
-
30403098/byxj/wait_tscx.pas
-
30403098/byxj/ydmis.cfg
-
30403098/byxj/ydmis.dof
-
30403098/byxj/ydmis.dpr
-
30403098/byxj/ydmis.res
-
30403098/byxj/ydmis.~dpr
-
30403098/byxj/yggzjgtz.dcu
-
30403098/byxj/yggzjgtz.dfm
-
30403098/byxj/yggzjgtz.pas
-
30403098/byxj/yggzjgtz.~dfm
-
30403098/byxj/yggzjgtz.~pas
-
30403098/byxj/ygxjjgb.DB
-
30403098/byxj/ygxjjgb.FAM
-
30403098/byxj/ygxjjgb.PX
-
30403098/byxj/ygxjjgb.TV
-
30403098/byxj/ygzbxxwh.dcu
-
30403098/byxj/ygzbxxwh.dfm
-
30403098/byxj/ygzbxxwh.pas
-
30403098/byxj/ygzbxxwh.~dfm
-
30403098/byxj/ygzbxxwh.~pas
-
30403098/byxj/ygzbxxxr.dcu
-
30403098/byxj/ygzbxxxr.dfm
-
30403098/byxj/ygzbxxxr.pas
-
30403098/byxj/ygzbxxxr.~dfm
-
30403098/byxj/ygzbxxxr.~pas
-
30403098/byxj/ygzlb.DB
-
30403098/byxj/ygzlb.PX
-
30403098/byxj/ygzlcx.dcu
-
30403098/byxj/ygzlcx.dfm
-
30403098/byxj/ygzlcx.pas
-
30403098/byxj/ygzlcx.~dfm
-
30403098/byxj/ygzlcx.~pas
-
30403098/byxj/yhgl.dcu
-
30403098/byxj/yhgl.dfm
-
30403098/byxj/yhgl.pas
-
30403098/byxj/yhgl.~dfm
-
30403098/byxj/yhgl.~pas
-
30403098/byxj/yhklb.DB
-
30403098/byxj/yhklb.PX
-
30403098/byxj/yhklb.VAL
-
30403098/byxj/yiwant.ini
-
30403098/byxj/zcxg.dcu
-
30403098/byxj/zcxg.dfm
-
30403098/byxj/zcxg.pas
-
30403098/byxj/zcxg.~dfm
-
30403098/byxj/zcxg.~pas
-
30403098/byxj/zwxg.dcu
-
30403098/byxj/zwxg.dfm
-
30403098/byxj/zwxg.pas
-
30403098/byxj/zwxg.~dfm
-
30403098/byxj/zwxg.~pas
-
30403098/byxj/~WRL0002.tmp
-
30403098/下载说明.htm
-
30403098/论文