02cd4508debe035aeffcf97dd6c7316b_JaffaCakes118 | Triage

Sharing

General

Target

02cd4508debe035aeffcf97dd6c7316b_JaffaCakes118
Size

590KB
MD5

02cd4508debe035aeffcf97dd6c7316b
SHA1

383ddb84b57e09c1607a9245ac3752f05ffe0b9e
SHA256

a3def3f8e481c7039e107e72c2b8b1420fccfe25f06611bfaf83cee2fbf95fae
SHA512

1f22e176f8d155d46eaf00ea98688089616ff44958060b84494d8fc0028e35c391e938e0b8429f1936fdcf860b3a4db86c9b95cda63d3e4d3a756bce6884d5c1
SSDEEP

12288:9BOA3WVN2ooPLMgulL7xNLzTe8jSDZzXEdDuiLYI1I8dI:9BaVN2ooPLMgOL7xJvjAsDuQT1O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PMC.SubtitleConverter_3.9.1225_gb/PMC_SubtitleConverter.exe

Files

02cd4508debe035aeffcf97dd6c7316b_JaffaCakes118
.rar
PMC.SubtitleConverter_3.9.1225_gb/PMC_SubtitleConverter.exe
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 530KB - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 57KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PMC.SubtitleConverter_3.9.1225_gb/PMC_SubtitleConverter.ver
PMC.SubtitleConverter_3.9.1225_gb/Q&A.txt
PMC.SubtitleConverter_3.9.1225_gb/Readme.txt
PMC.SubtitleConverter_3.9.1225_gb/Update.txt