SWIFT COPY[.]zip | Triage

Sharing

General

Target

SWIFT COPY.zip
Size

530KB
MD5

75284e3895b268b75878277a934c92a6
SHA1

cd57d00269bf48e57916cbbaa2a73aaebebe1e81
SHA256

08c72d5b6662812cdf075d5f112685478d2dc3bdd4334cec4302b90bfb3c8499
SHA512

9d2e45c5b47f703d1fada77d3cd0d9d04f2ae5f4bab47f88f7675c3714499148d2e4471e9c7b7b4633b542ab365e1e3de1300fb1f19cc324e7018660eaa9a591
SSDEEP

12288:bLkFXGPYgFWnLF7x6tsCwvprDOYzsbRMPEVyJEFKX:bAV0FKF7x6tsCwvASs1MsVAX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ELIBE.exe

Files

SWIFT COPY.zip
.zip
ELIBE.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 876KB - Virtual size: 876KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ