TT Swift_copy,pdf[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

TT Swift_copy,pdf.exe
Size

969KB
MD5

c473c49692280dd9012267bdfd48fee1
SHA1

1bd83e965aaa0b86847e01cded9f23a44f442760
SHA256

5cbe1a5e330cba662671a99a1f4540262f2b46666be8f9786e01073958c1dd12
SHA512

f4dc1b3fa3f6a62b9680f73940b41c0639d98d8046c245c7a4a6dc96a4eedf08b0522ec9dcfc1ee1749f30ff1d7c069aeb5f41db60486f5919ff719e20cdb65b
SSDEEP

12288:CBECM05dNSWrKAyezpYCVSi9NKXvgG129rnb:wEVv6KA8Qp9+vgZ9r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
TT Swift_copy,pdf.exe

Files

TT Swift_copy,pdf.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 966KB - Virtual size: 966KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ