Ziraat Bankası Swift Mesajı[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Ziraat Bankası Swift Mesajı.exe
Size

604KB
MD5

dd3e652890c62f2c7fd322afdc0c56c7
SHA1

e1461c2b260a76b1c1252c676a308891ded74363
SHA256

3c455d7a0d61e4c11af1e4a6822bcc9c9f229bfe3e5c99e98977451c05f22ff2
SHA512

083c67923a59aa12802d554f4e30fdc96032931887d2d5d3b772d1af07b7181ba7dd15d7cfdcce83ec580bc6a415377a0545b3286c86d0a67969dc6b5cc8add8
SSDEEP

12288:Fa19QIoIFFHgeg/c9Zb7UcjyR5kRBNaQnsGh/ZPzh9hKcU3Z9HKvasD+0:wQIXFxHUtekM/ZPzCsD7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Ziraat Bankası Swift Mesajı.exe

Files

Ziraat Bankası Swift Mesajı.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

pkhm.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 592KB - Virtual size: 588KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ