Payment Slip (SWIFT)·PDF[.]scr[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Payment Slip (SWIFT)·PDF.scr.exe
Size

800KB
MD5

f84050679c1d9faf1d8de5b63dda5767
SHA1

4891b551c9950cd0beef1a75fd94347cd41b6bfd
SHA256

1f58ea4c343dbabad1eca0c198c3a57a17efd34114f6709487301874e0d7b8d7
SHA512

7b7ffbead4065a601afbe9eb3744c5de435a4141059adbe5c09316a2bde9acb0bb71b1cc346feff139865c6b92bd5d5e68d0eaf96d5b081de5a8b854adc3aa10
SSDEEP

12288:n7x96Kkj3a7v2pKrUnH8xcPYn85rNFfEybTxquh/9XN:7v6Kc3ev2OqHjzbIuh/JN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Payment Slip (SWIFT)·PDF.scr.exe

Files

Payment Slip (SWIFT)·PDF.scr.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 436KB - Virtual size: 435KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 363KB - Virtual size: 363KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ