0abe4d56c072872575ad5e4d5c1154299c161410dccfcae9ddc5dde931e6e648 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0abe4d56c072872575ad5e4d5c1154299c161410dccfcae9ddc5dde931e6e648
Size

518KB
MD5

210e5011f64df395920fe39f8ffbfec9
SHA1

f3a3ac796817a3bf6dcf54e2f85582af94399497
SHA256

0abe4d56c072872575ad5e4d5c1154299c161410dccfcae9ddc5dde931e6e648
SHA512

da30772280185cf1b255c85fa771d2829b3202e389338b7f746aa75bda3a3005c82f9455e2fe7c7a975e2a6eabf679aaee955ceec7dc594d072006d8a44aba56
SSDEEP

6144:T/Ups9XeHW75i0LGIb8SVONSDf8kQoznJGFD149QpCwp:T/Ups9eHW75cygkpLJa49QpCw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/SWIFT-Transaction_Ref 4008483900002_pdf .exe

Files

0abe4d56c072872575ad5e4d5c1154299c161410dccfcae9ddc5dde931e6e648
.iso
out.iso
.iso
SWIFT-Transaction_Ref 4008483900002_pdf .exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 248KB - Virtual size: 248KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 207KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ