PDB path: o:\OOO320\src\automation\wntmsci12.pro\bin\communimi.pdb
Static task
static1
Behavioral task
behavioral1
Sample
b8bafcc3bf250e84f045e63309449013_JaffaCakes118.dll
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
b8bafcc3bf250e84f045e63309449013_JaffaCakes118.dll
Resource
win10v2004-20240802-en
General
-
Target
b8bafcc3bf250e84f045e63309449013_JaffaCakes118
-
Size
35KB
-
MD5
b8bafcc3bf250e84f045e63309449013
-
SHA1
33d3673890391ef7520268741ab19f2f320c564d
-
SHA256
4752c424dcdc44a0bea2e23a2bc061bf6c17fc6190cbb35c8488b8125f4a0989
-
SHA512
1f5600d33b4e9e8de50a6420701126e31f754f17f8909f0688fc43b65b98007dc1ef1108f31a908dd4e5f8ded611ea3b6730009616801a7b7de137fa0d4835fc
-
SSDEEP
768:NguThacSSRwyL7zFDOD0hjaZPswi7yjjMy:N3ThjSS2yL75DOD0jaZPswi7yjjMy
Malware Config
Signatures
-
Unsigned PE 1 IoCs
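Checks for missing Authenticode signature. An unsigned PE is a weak indicator on its own: it means the publisher and file integrity cannot be verified through Authenticode, not that the file is malicious.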
resource b8bafcc3bf250e84f045e63309449013_JaffaCakes118
Files
-
b8bafcc3bf250e84f045e63309449013_JaffaCakes118.dll windows:5 windows x86 arch:x86
6f46806c7496de0b4af68ea02ea4302e
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
tlmi
??0ByteString@@QAE@PBDG@Z
?QueryDelete@SvRefBase@@MAEXXZ
??1DirEntry@@QAE@XZ
??1String@@QAE@XZ
??0ByteString@@QAE@XZ
??0ByteString@@QAE@ABVString@@GK@Z
?GetName@DirEntry@@QBE?AVString@@W4FSysPathStyle@@@Z
??0DirEntry@@QAE@ABVString@@W4FSysPathStyle@@@Z
??0ByteString@@QAE@PBD@Z
?Call@Link@@QBEJPAX@Z
??0ByteString@@QAE@ABV0@@Z
??1ByteString@@QAE@XZ
?ReleaseReference@SvRefBase@@QAEXXZ
?Append@ByteString@@QAEAAV1@ABV1@@Z
?AddRef@SvRefBase@@QAEKXZ
svlmi
?Remove@SvPtrarr@@QAEXGG@Z
?Insert@SvPtrarr@@QAEXABQAXG@Z
?Insert@SvPtrarr@@QAEXPBQAXGG@Z
??0SvPtrarr@@QAE@GE@Z
??1SvPtrarr@@QAE@XZ
vclmi
?PostUserEvent@Application@@SAKABVLink@@PAX@Z
?GetpApp@@YAPAVApplication@@XZ
??1Timer@@UAE@XZ
?RemoveUserEvent@Application@@SAXK@Z
?Yield@Application@@SAX_N@Z
?Start@Timer@@QAEXXZ
?GetAppFileName@Application@@SAABVString@@XZ
?Stop@Timer@@QAEXXZ
??0Timer@@QAE@XZ
?SetTimeout@Timer@@QAEXK@Z
vos3msc
?join@OThread@vos@@QAAXXZ
?resume@OThread@vos@@QAAXXZ
?shutdown@OStreamSocket@vos@@QAAEW4TSocketDirection@ISocketTypes@2@@Z
?isRunning@OThread@vos@@QAAEXZ
?sleep@OThread@vos@@QAA?AW4TThreadSleep@12@ABUTimeValue@@@Z
?create@OThread@vos@@QAAEXZ
??2OObject@vos@@SAPAXI@Z
??0OMutex@vos@@QAE@XZ
??0OThread@vos@@QAE@XZ
?terminate@OThread@vos@@UAAXXZ
?kill@OThread@vos@@UAAXXZ
?schedule@OThread@vos@@MAAEXZ
?onTerminated@OThread@vos@@MAAXXZ
?getClassInfo@OThread@vos@@UBAABUOClassInfo@2@XZ
??1OThread@vos@@UAE@XZ
??1OMutex@vos@@UAE@XZ
??3OObject@vos@@SAXPAX@Z
??1OInetSocketAddr@vos@@UAE@XZ
?setTcpNoDelay@OSocket@vos@@QBAJJ@Z
?acceptConnection@OAcceptorSocket@vos@@QAA?AW4TResult@ISocketTypes@2@AAVOStreamSocket@2@@Z
??0OStreamSocket@vos@@QAE@XZ
?listen@OAcceptorSocket@vos@@QAAEJ@Z
?bind@OSocket@vos@@QAAEABVOSocketAddr@2@@Z
?setReuseAddr@OSocket@vos@@QBAJJ@Z
?setPort@OInetSocketAddr@vos@@QAAEJ@Z
??0OInetSocketAddr@vos@@QAE@XZ
??0OAcceptorSocket@vos@@QAE@W4TAddrFamily@ISocketTypes@1@W4TProtocol@31@W4TSocketType@31@@Z
sal3
osl_getThreadTextEncoding
simplecmmi
?SetApplication@CommunicationManager@@QAEXABVByteString@@E@Z
??1CommunicationManager@@UAE@XZ
??0SimpleCommunicationLinkViaSocket@@IAE@PAVCommunicationManager@@PAVOStreamSocket@vos@@@Z
?CallConnectionClosed@CommunicationManager@@MAEXPAVCommunicationLink@@@Z
?CallConnectionOpened@CommunicationManager@@MAEXPAVCommunicationLink@@@Z
?GetMyName@CommunicationManager@@UAE?AVByteString@@G@Z
?StartCommunication@CommunicationManager@@UAEEVString@@0@Z
?StartCommunication@CommunicationManager@@UAEEVByteString@@K@Z
??0CommunicationManager@@QAE@E@Z
?SendHandshake@SimpleCommunicationLinkViaSocket@@MAEEGPAVSvStream@@@Z
?DoStartCommunication@CommonSocketFunctions@@QAEEPAVCommunicationManager@@PAVICommunicationManagerClient@@VByteString@@K@Z
?GetBestCommunicationStream@SimpleCommunicationLinkViaSocket@@UAEPAVSvStream@@XZ
?GetMyName@SimpleCommunicationLinkViaSocket@@UAE?AVByteString@@G@Z
?GetCommunicationPartner@SimpleCommunicationLinkViaSocket@@UAE?AVByteString@@G@Z
?GetInfoType@CommunicationLink@@IAEGXZ
?CallInfoMsg@CommunicationLink@@IAEXVInfoString@@@Z
??1SimpleCommunicationLinkViaSocket@@MAE@XZ
?CallInfoMsg@CommunicationManager@@IAEXVInfoString@@@Z
?LinkStubDataReceived@CommunicationLink@@KAJPAX0@Z
?DataReceived@CommunicationLink@@MAEJPAX@Z
?ConnectionClosed@CommunicationLink@@MAEJPAX@Z
?SetApplication@SimpleCommunicationLinkViaSocket@@UAEXABVByteString@@@Z
?SetStreamSocket@SimpleCommunicationLinkViaSocket@@IAEXPAVOStreamSocket@vos@@@Z
?StopCommunication@SimpleCommunicationLinkViaSocket@@UAEEXZ
?IsCommunicationError@SimpleCommunicationLinkViaSocket@@UAEEXZ
?LinkStubConnectionClosed@CommunicationLink@@KAJPAX0@Z
?SetNewPacketAsCurrent@SimpleCommunicationLinkViaSocket@@IAEXXZ
?DoReceiveDataStream@SimpleCommunicationLinkViaSocket@@IAEEXZ
?DoTransferDataStream@CommunicationLink@@MAEEPAVSvStream@@G@Z
msvcr90
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
free
_malloc_crt
_encode_pointer
??2@YAPAXI@Z
_purecall
??3@YAXPAX@Z
kernel32
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedCompareExchange
Sleep
InterlockedExchange
Exports
Exports
??0CommonSocketFunctions@@QAE@XZ
??0CommunicationLinkList@@QAE@GE@Z
??0CommunicationLinkList_SAR@@QAE@GE@Z
??0CommunicationLinkRef@@QAE@ABV0@@Z
??0CommunicationLinkRef@@QAE@PAVCommunicationLink@@@Z
??0CommunicationLinkViaSocket@@QAE@PAVCommunicationManager@@PAVOStreamSocket@vos@@@Z
??0CommunicationManagerClient@@QAE@E@Z
??0CommunicationManagerClientViaSocket@@QAE@E@Z
??0CommunicationManagerClientViaSocket@@QAE@VByteString@@KE@Z
??0CommunicationManagerServer@@QAE@E@Z
??0CommunicationManagerServerAcceptThread@@QAE@PAVCommunicationManagerServerViaSocket@@KG@Z
??0CommunicationManagerServerViaSocket@@QAE@KGE@Z
??0ICommunicationManagerClient@@QAE@XZ
??0InfoString@@QAE@AAVByteString@@GPAVCommunicationLink@@@Z
??0InfoString@@QAE@ABV0@@Z
??0MultiCommunicationManager@@QAE@E@Z
??0OGuard@vos@@QAE@AAVIMutex@1@@Z
??1CommunicationLinkList@@QAE@XZ
??1CommunicationLinkList_SAR@@QAE@XZ
??1CommunicationLinkRef@@QAE@XZ
??1CommunicationLinkViaSocket@@UAE@XZ
??1CommunicationManagerClient@@UAE@XZ
??1CommunicationManagerClientViaSocket@@UAE@XZ
??1CommunicationManagerServer@@UAE@XZ
??1CommunicationManagerServerAcceptThread@@UAE@XZ
??1CommunicationManagerServerViaSocket@@UAE@XZ
??1InfoString@@QAE@XZ
??1MultiCommunicationManager@@UAE@XZ
??1OGuard@vos@@UAE@XZ
??4CommunicationLinkRef@@QAEAAV0@ABV0@@Z
??4CommunicationLinkRef@@QAEAAV0@PAVCommunicationLink@@@Z
??BCommunicationLinkRef@@QBEPAVCommunicationLink@@XZ
??CCommunicationLinkRef@@QBEPAVCommunicationLink@@XZ
??_7CommonSocketFunctions@@6B@
??_7CommunicationLinkViaSocket@@6B@
??_7CommunicationLinkViaSocket@@6BIRunnable@vos@@@
??_7CommunicationLinkViaSocket@@6BOObject@vos@@@
??_7CommunicationManagerClient@@6BICommunicationManagerClient@@@
??_7CommunicationManagerClient@@6BMultiCommunicationManager@@@
??_7CommunicationManagerClientViaSocket@@6B@
??_7CommunicationManagerClientViaSocket@@6BICommunicationManagerClient@@@
??_7CommunicationManagerClientViaSocket@@6BMultiCommunicationManager@@@
??_7CommunicationManagerServer@@6B@
??_7CommunicationManagerServerAcceptThread@@6BIRunnable@vos@@@
??_7CommunicationManagerServerAcceptThread@@6BOObject@vos@@@
??_7CommunicationManagerServerViaSocket@@6B@
??_7ICommunicationManagerClient@@6B@
??_7MultiCommunicationManager@@6B@
??_7OGuard@vos@@6B@
??_ECommunicationLinkViaSocket@@WEM@AEPAXI@Z
??_ECommunicationLinkViaSocket@@WFA@AEPAXI@Z
??_ECommunicationManagerServerAcceptThread@@W3AEPAXI@Z
??_GCommunicationLinkList@@QAEPAXI@Z
??_GCommunicationLinkViaSocket@@UAEPAXI@Z
??_GCommunicationManagerClient@@UAEPAXI@Z
??_GCommunicationManagerClientViaSocket@@UAEPAXI@Z
??_GCommunicationManagerServer@@UAEPAXI@Z
??_GCommunicationManagerServerAcceptThread@@UAEPAXI@Z
??_GCommunicationManagerServerViaSocket@@UAEPAXI@Z
??_GMultiCommunicationManager@@UAEPAXI@Z
??_GOGuard@vos@@UAEPAXI@Z
??_R0?AVCommonSocketFunctions@@@8
??_R0?AVCommunicationLink@@@8
??_R0?AVCommunicationLinkViaSocket@@@8
??_R0?AVCommunicationManager@@@8
??_R0?AVCommunicationManagerClient@@@8
??_R0?AVCommunicationManagerClientViaSocket@@@8
??_R0?AVCommunicationManagerServer@@@8
??_R0?AVCommunicationManagerServerAcceptThread@@@8
??_R0?AVCommunicationManagerServerViaSocket@@@8
??_R0?AVICommunicationManagerClient@@@8
??_R0?AVIRunnable@vos@@@8
??_R0?AVMultiCommunicationManager@@@8
??_R0?AVOGuard@vos@@@8
??_R0?AVOObject@vos@@@8
??_R0?AVOThread@vos@@@8
??_R0?AVSimpleCommunicationLinkViaSocket@@@8
??_R0?AVSvRefBase@@@8
??_R13?0A@EA@OObject@vos@@8
??_R1A@?0A@EA@CommonSocketFunctions@@8
??_R1A@?0A@EA@CommunicationLink@@8
??_R1A@?0A@EA@CommunicationLinkViaSocket@@8
??_R1A@?0A@EA@CommunicationManager@@8
??_R1A@?0A@EA@CommunicationManagerClient@@8
??_R1A@?0A@EA@CommunicationManagerClientViaSocket@@8
??_R1A@?0A@EA@CommunicationManagerServer@@8
??_R1A@?0A@EA@CommunicationManagerServerAcceptThread@@8
??_R1A@?0A@EA@CommunicationManagerServerViaSocket@@8
??_R1A@?0A@EA@ICommunicationManagerClient@@8
??_R1A@?0A@EA@IRunnable@vos@@8
??_R1A@?0A@EA@MultiCommunicationManager@@8
??_R1A@?0A@EA@OGuard@vos@@8
??_R1A@?0A@EA@OObject@vos@@8
??_R1A@?0A@EA@OThread@vos@@8
??_R1A@?0A@EA@SimpleCommunicationLinkViaSocket@@8
??_R1A@?0A@EA@SvRefBase@@8
??_R1EA@?0A@EA@ICommunicationManagerClient@@8
??_R1EE@?0A@EN@CommonSocketFunctions@@8
??_R1EM@?0A@EA@IRunnable@vos@@8
??_R1EM@?0A@EA@OThread@vos@@8
??_R1FA@?0A@EA@OObject@vos@@8
??_R2CommonSocketFunctions@@8
??_R2CommunicationLink@@8
??_R2CommunicationLinkViaSocket@@8
??_R2CommunicationManager@@8
??_R2CommunicationManagerClient@@8
??_R2CommunicationManagerClientViaSocket@@8
??_R2CommunicationManagerServer@@8
??_R2CommunicationManagerServerAcceptThread@@8
??_R2CommunicationManagerServerViaSocket@@8
??_R2ICommunicationManagerClient@@8
??_R2IRunnable@vos@@8
??_R2MultiCommunicationManager@@8
??_R2OGuard@vos@@8
??_R2OObject@vos@@8
??_R2OThread@vos@@8
??_R2SimpleCommunicationLinkViaSocket@@8
??_R2SvRefBase@@8
??_R3CommonSocketFunctions@@8
??_R3CommunicationLink@@8
??_R3CommunicationLinkViaSocket@@8
??_R3CommunicationManager@@8
??_R3CommunicationManagerClient@@8
??_R3CommunicationManagerClientViaSocket@@8
??_R3CommunicationManagerServer@@8
??_R3CommunicationManagerServerAcceptThread@@8
??_R3CommunicationManagerServerViaSocket@@8
??_R3ICommunicationManagerClient@@8
??_R3IRunnable@vos@@8
??_R3MultiCommunicationManager@@8
??_R3OGuard@vos@@8
??_R3OObject@vos@@8
??_R3OThread@vos@@8
??_R3SimpleCommunicationLinkViaSocket@@8
??_R3SvRefBase@@8
??_R4CommonSocketFunctions@@6B@
??_R4CommunicationLinkViaSocket@@6B@
??_R4CommunicationLinkViaSocket@@6BIRunnable@vos@@@
??_R4CommunicationLinkViaSocket@@6BOObject@vos@@@
??_R4CommunicationManagerClient@@6BICommunicationManagerClient@@@
??_R4CommunicationManagerClient@@6BMultiCommunicationManager@@@
??_R4CommunicationManagerClientViaSocket@@6B@
??_R4CommunicationManagerClientViaSocket@@6BICommunicationManagerClient@@@
??_R4CommunicationManagerClientViaSocket@@6BMultiCommunicationManager@@@
??_R4CommunicationManagerServer@@6B@
??_R4CommunicationManagerServerAcceptThread@@6BIRunnable@vos@@@
??_R4CommunicationManagerServerAcceptThread@@6BOObject@vos@@@
??_R4CommunicationManagerServerViaSocket@@6B@
??_R4ICommunicationManagerClient@@6B@
??_R4MultiCommunicationManager@@6B@
??_R4OGuard@vos@@6B@
?AddConnection@CommunicationManagerServerAcceptThread@@AAEJPAX@Z
?AddConnection@CommunicationManagerServerViaSocket@@AAEXPAVCommunicationLink@@@Z
?CallConnectionClosed@MultiCommunicationManager@@MAEXPAVCommunicationLink@@@Z
?CallConnectionOpened@MultiCommunicationManager@@MAEXPAVCommunicationLink@@@Z
?CallInfoMsg@CommunicationManagerServerAcceptThread@@AAEXVInfoString@@@Z
?Clear@CommunicationLinkRef@@QAEXXZ
?ConnectionClosed@CommunicationLinkViaSocket@@UAEJPAX@Z
?ConnectionClosed@CommunicationManager@@MAEXPAVCommunicationLink@@@Z
?ConnectionOpened@CommunicationManager@@MAEXPAVCommunicationLink@@@Z
?Count@CommunicationLinkList@@QBEGXZ
?CreateCommunicationLink@CommunicationManagerClientViaSocket@@MAEPAVCommunicationLink@@PAVCommunicationManager@@PAVOConnectorSocket@vos@@@Z
?DataReceived@CommunicationLinkViaSocket@@UAEJPAX@Z
?DataReceived@CommunicationManager@@MAEXPAVCommunicationLink@@@Z
?DeleteAndDestroy@CommunicationLinkList@@QAEXGG@Z
?DestroyingLink@MultiCommunicationManager@@MAEXPAVCommunicationLink@@@Z
?DoTransferDataStream@CommunicationLinkViaSocket@@UAEEPAVSvStream@@G@Z
?GetCommunicationLink@MultiCommunicationManager@@UAE?AVCommunicationLinkRef@@G@Z
?GetCommunicationLinkCount@MultiCommunicationManager@@UAEGXZ
?GetData@CommunicationLinkList@@QBEPAPBVCommunicationLink@@XZ
?GetInfoType@CommunicationManager@@QAEGXZ
?GetInfoType@CommunicationManagerServerAcceptThread@@AAEGXZ
?GetNewConnection@CommunicationManagerServerAcceptThread@@QAE?AVCommunicationLinkRef@@XZ
?GetObject@CommunicationLinkList@@QBEPAVCommunicationLink@@G@Z
?GetObject@CommunicationLinkList_SAR@@QBEPAVCommunicationLink@@G@Z
?GetServiceData@CommunicationLink@@QAEPAVSvStream@@XZ
?GetStreamSocket@SimpleCommunicationLinkViaSocket@@IAEPAVOStreamSocket@vos@@XZ
?InfoMsg@CommunicationManager@@MAEXVInfoString@@@Z
?Insert@CommunicationLinkList@@QAEEAAPBVCommunicationLink@@@Z
?Insert@CommunicationLinkList@@QAEEAAPBVCommunicationLink@@AAG@Z
?Insert@CommunicationLinkList@@QAEXPAPBVCommunicationLink@@G@Z
?Insert@CommunicationLinkList@@QAEXPBV1@GG@Z
?Insert@CommunicationLinkList_SAR@@QAEXAAPBVCommunicationLink@@G@Z
?Insert@CommunicationLinkList_SAR@@QAEXPBV1@GGG@Z
?InvalidateManager@CommunicationLink@@IAEXXZ
?Is@CommunicationLinkRef@@QBEEXZ
?IsCommunicationError@CommunicationLinkViaSocket@@UAEEXZ
?IsCommunicationRunning@CommunicationManager@@UAEEXZ
?IsLinkValid@MultiCommunicationManager@@UAEEPAVCommunicationLink@@@Z
?LinkStubAddConnection@CommunicationManagerServerAcceptThread@@CAJPAX0@Z
?LinkStubPutDataReceivedHdl@CommunicationLinkViaSocket@@SAJPAX0@Z
?LinkStubShutdownLink@CommunicationLinkViaSocket@@KAJPAX0@Z
?PutDataReceivedHdl@CommunicationLinkViaSocket@@QAEJPAV1@@Z
?ReceiveDataStream@CommunicationLink@@UAEEXZ
?Remove@CommunicationLinkList@@QAEXAAPBVCommunicationLink@@G@Z
?Remove@CommunicationLinkList@@QAEXGG@Z
?Remove@CommunicationLinkList_SAR@@QAEXGG@Z
?RetryConnect@ICommunicationManagerClient@@MAEEXZ
?Seek_Entry@CommunicationLinkList@@QBEEPBVCommunicationLink@@PAG@Z
?SetPutDataReceivedHdl@CommunicationLinkViaSocket@@QAEXVLink@@@Z
?ShutdownCommunication@CommunicationLinkViaSocket@@MAEEXZ
?ShutdownLink@CommunicationLinkViaSocket@@IAEJPAX@Z
?StartCallback@CommunicationLink@@IAEXXZ
?StartCommunication@CommunicationManagerClientViaSocket@@UAEEVByteString@@K@Z
?StartCommunication@CommunicationManagerClientViaSocket@@UAEEXZ
?StartCommunication@CommunicationManagerServerViaSocket@@UAEEXZ
?StopCommunication@CommunicationLinkViaSocket@@UAEEXZ
?StopCommunication@CommunicationManagerServerViaSocket@@UAEEXZ
?StopCommunication@MultiCommunicationManager@@UAEEXZ
?WaitForShutdown@CommunicationLinkViaSocket@@MAEXXZ
?gsl_getSystemTextEncoding@@YAGXZ
?pMPostUserEvent@@3PAVOMutex@vos@@A
?run@CommunicationLinkViaSocket@@MAAXXZ
?run@CommunicationManagerServerAcceptThread@@MAAXXZ
GetVersionInfo
Sections
.text Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ