dc36279bd03e2520c94f1e9a9e1b4248_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dc36279bd03e2520c94f1e9a9e1b4248_JaffaCakes118
Size

140KB
MD5

dc36279bd03e2520c94f1e9a9e1b4248
SHA1

8e1b57325e598f634bd236adcb6dcc1f7ba00743
SHA256

8da80ce7747ed698f32b89d24e2554373e0a7658b0fc280daa4b93d76fc87a59
SHA512

1a5cb6860db6a679b454f49b8ab7ed562ea104c044cbca1a95c458aa53cec36883f815610a588561b11f9788b5d31514142bf34caa3e315f402aad8990c0f4c3
SSDEEP

3072:TTnAzQgbHzoCszFJphCvcDSAolobnQ3Ctm:0zUdjh/Qxd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc36279bd03e2520c94f1e9a9e1b4248_JaffaCakes118

Files

dc36279bd03e2520c94f1e9a9e1b4248_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b882b09dd0fb8fee57f5e548c012f546

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\accurev\ws\TwonkyMediaServer_5.1.1_release20091127_tms_win\dlna\twonkymedia\projects\packetvideo\win32\vs-2005\pv\release\twonkymediaserverwatchdog.pdb

Imports

ws2_32

getpeername
listen
bind
inet_ntoa
accept
inet_addr
WSAGetLastError
WSACleanup
WSAStartup
recv
socket
htons
closesocket
connect
gethostbyname
send

shlwapi

StrRetToBufW

kernel32

GetLocaleInfoA
HeapSize
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetExitCodeProcess
Process32NextW
TerminateProcess
CreateToolhelp32Snapshot
CloseHandle
OpenProcess
Process32FirstW
CreateProcessW
Sleep
GetCommandLineW
GetLastError
LocalFree
CreateThread
GetModuleFileNameW
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
MultiByteToWideChar
SetThreadPriority
GetCurrentDirectoryA
EnterCriticalSection
OutputDebugStringW
GetTickCount
DeleteFileW
SystemTimeToFileTime
CreateDirectoryW
MoveFileW
GetFileAttributesExW
GetProcAddress
GetModuleHandleA
GetEnvironmentStrings
FreeEnvironmentStringsA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
WriteConsoleW
GetConsoleOutputCP
GetDriveTypeA
LCMapStringA
CreateDirectoryA
LCMapStringW
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
SetEnvironmentVariableA
WaitForSingleObject
CreateFileA
SetEndOfFile
SetStdHandle
HeapReAlloc
VirtualAlloc
ExitThread
ExitProcess
GetLocalTime
GetCurrentThreadId
HeapFree
HeapAlloc
GetTimeZoneInformation
GetSystemTimeAsFileTime
SetFilePointer
GetFileType
CreateFileW
ReadFile
FlushFileBuffers
GetFullPathNameW
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
GetCommandLineA
GetVersionExA
GetProcessHeap
GetStartupInfoA
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
SetHandleCount
GetStdHandle
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetModuleFileNameA
LoadLibraryA
HeapDestroy
HeapCreate
VirtualFree
WriteConsoleA

user32

TranslateMessage
DispatchMessageW
MessageBoxW
FindWindowW
EndTask
GetMessageW
wsprintfW

advapi32

RegQueryValueExW
CreateServiceW
StartServiceW
OpenServiceW
ControlService
StartServiceCtrlDispatcherW
RegisterServiceCtrlHandlerW
OpenSCManagerW
DeleteService
CloseServiceHandle
SetServiceStatus
RegSetValueExW
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW

shell32

SHGetMalloc
SHGetSpecialFolderLocation
CommandLineToArgvW
SHBindToParent

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b882b09dd0fb8fee57f5e548c012f546

Headers

File Characteristics

PDB Paths

Imports

ws2_32

shlwapi

kernel32

user32

advapi32

shell32

Sections

.text Size: 100KB - Virtual size: 99KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 8KB - Virtual size: 82KB

.rsrc Size: 4KB - Virtual size: 176B

.text
Size: 100KB - Virtual size: 99KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 8KB - Virtual size: 82KB

.rsrc
Size: 4KB - Virtual size: 176B