c:\accurev\ws\Twonky_6.0.1-VF_release20100709_tms_win\dlna\twonkymedia\projects\packetvideo\win32\vs-2005\pv\release\twonkymediaserverwatchdog.pdb
Static task
static1
Behavioral task
behavioral1
Sample
3cc1fcc062e6f1e70ea10b64abd230c2_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
3cc1fcc062e6f1e70ea10b64abd230c2_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
Target
3cc1fcc062e6f1e70ea10b64abd230c2_JaffaCakes118
Size
456KB
MD5
3cc1fcc062e6f1e70ea10b64abd230c2
SHA1
fd3b8664bdcdcafda320a5979061258a13222f94
SHA256
bb59f10e438bdc9a805a41256aa55318120fcb15ea1365d3face3bc4b5f0d320
SHA512
8fe84c13bed103eb5a8e02205092c545183c871af597657c8e6e9046546afecbd16317e978ebdfaa64cab0384fb40c7ba5bb82061d1eb75885c974d0f915b55e
SSDEEP
6144:sLzwopDa4LwofsxBhTxuSqMQ/YJ7O2lWW+08Dx4O9Zv6zDtnDuIVTW:sL0op24LwofsxnTxulM2wxlW1Vhv6hD2
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3cc1fcc062e6f1e70ea10b64abd230c2_JaffaCakes118
Files
3cc1fcc062e6f1e70ea10b64abd230c2_JaffaCakes118.exe windows:4 windows x86 arch:x86
60e59c0dae41f3cf6b3d8f006797a7ac
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ws2_32
inet_ntoa
gethostname
connect
getpeername
bind
accept
WSAGetLastError
listen
gethostbyname
WSAStartup
WSACleanup
htons
recv
send
inet_addr
socket
closesocket
kernel32
Process32FirstW
LocalFree
CreateThread
GetModuleFileNameW
GetCommandLineW
GetCurrentDirectoryA
TerminateProcess
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetLocaleInfoA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
Sleep
GetExitCodeProcess
OpenProcess
CreateToolhelp32Snapshot
Process32NextW
GetLastError
CreateProcessW
CloseHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
WaitForSingleObject
GetModuleFileNameA
GetStdHandle
HeapSize
VirtualAlloc
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CreateFileA
SetEndOfFile
SetStdHandle
QueryPerformanceCounter
VirtualFree
HeapCreate
HeapDestroy
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LoadLibraryA
FindFirstFileW
SystemTimeToFileTime
CreateDirectoryW
MoveFileW
FindClose
FindNextFileW
GetFileAttributesExW
DeleteFileW
MultiByteToWideChar
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
SetThreadPriority
GetProcAddress
GetModuleHandleA
SwitchToThread
RtlUnwind
OutputDebugStringW
GetTickCount
GetDriveTypeA
GetCurrentProcessId
CreateFileW
ExitThread
ExitProcess
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoA
SetFilePointer
GetFileType
ReadFile
FlushFileBuffers
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
HeapReAlloc
GetCurrentThreadId
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetLocalTime
GetFullPathNameW
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
user32
EndTask
DefWindowProcW
MessageBoxW
LoadIconW
DispatchMessageW
RegisterClassExW
TranslateMessage
wsprintfW
LoadCursorW
LoadImageW
GetSystemMetrics
GetMessageW
CreateWindowExW
FindWindowW
gdi32
GetStockObject
advapi32
OpenServiceW
RegisterServiceCtrlHandlerW
StartServiceCtrlDispatcherW
OpenSCManagerW
DeleteService
SetServiceStatus
CloseServiceHandle
StartServiceW
CreateServiceW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
ControlService
shell32
CommandLineToArgvW
SHGetSpecialFolderLocation
SHGetMalloc
SHBindToParent
shlwapi
StrRetToBufW
iphlpapi
SendARP
ole32
CoInitialize
CoUninitialize
Sections
.text Size: 304KB - Virtual size: 302KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 84KB - Virtual size: 83KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 60KB - Virtual size: 491KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ