SWIFT-COPY-MT103-PAYMENT[.]ACE | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SWIFT-COPY-MT103-PAYMENT.ACE
Size

372KB
MD5

202653a6262c48564c2b52178c62920e
SHA1

0247a0c6cbfcbc51e11adba2c04fca3800b9aeb6
SHA256

af45ca10c67fa3f5caa3028f24599554d1504c90912ee0db9261417c22236fef
SHA512

9235991e62d0af8683a6703438a2b7f4038fd6a241bb72e0b6bc17bc9752a629f8e52b53ecb73efd74e9b95b8509c1a461d3bf316c99e7f123de6ef8cdf5130c
SSDEEP

6144:AlnjAU04DqYKPcVjQqgNymnpBK0S45JN1Mad6ny7IxgF9v876ebim+4kaJUjAi/1:A2U0DYjd4cmpBK/6NCad6y8g9k76emm2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/SWIFT-COPY-MT103-PAYMENT.exe

Files

SWIFT-COPY-MT103-PAYMENT.ACE
.zip
SWIFT-COPY-MT103-PAYMENT.exe
.exe windows x86

2baf2cf5457a6cbc889a1294e9abb0e0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord100

Sections

.text
Size: 532KB - Virtual size: 531KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ