Swift Dekont[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Swift Dekont.exe
Size

1.1MB
MD5

25df456a869d743850ff06b2e6c767d4
SHA1

ff562751dc0bc00d2d47ce2d4a2b1dc85c5284b5
SHA256

0658452ccc78328852c795489f159daee6833e8101dc16ac93538c6c7c8b39df
SHA512

1cb3c2df24a92d2067f991648e4dfc5a2fcbc8f749ca9b0d82cbf90dc45287819e4b4615caefd7a79f7d211fe03112ab055ccbb71fcb587bb77337c6a2274816
SSDEEP

12288:fR0Txd7nPeWHxfAfrms5xvHdxSAZOQZ53KrEVvW+f18ICh/iRZCBcvkq8cT:fRHOoKYFx4QD3518IWiRYMkqV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Swift Dekont.exe

Files

Swift Dekont.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 865KB - Virtual size: 864KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 291KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ