Static task
static1
Behavioral task
behavioral1
Sample
SWIFT COPY.exe
Resource
win7-20231025-en
Behavioral task
behavioral2
Sample
SWIFT COPY.exe
Resource
win10v2004-20231127-en
General
-
Target
SWIFT COPY.exe
-
Size
1.0MB
-
MD5
d7a5e6cf0c7f0937d74f25ad55b89bfa
-
SHA1
a9eaeb41ac609c8720e0f5c5e9d7c43fd9388876
-
SHA256
94e790b64206a78f0a30e4fe686559010744a1596679e7daeb8c3325ff346bbe
-
SHA512
e32e76af4af359654b365f7ede6896924e5d6dc77f73f3376d8238043d6031ec63425dddc0898471a2d36ca947c302c784f4fd1c50e3cd6a660ec71a8d467a63
-
SSDEEP
24576:ZG6s3KSpszXe/e88e+wYm9I4uKe/lEpY:QV3KrXWvCwYqf
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource SWIFT COPY.exe
Files
-
SWIFT COPY.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 645KB - Virtual size: 645KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 387KB - Virtual size: 386KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ