Swift Mesajı[.]exe | Triage

Sharing

General

Target

Swift Mesajı.exe
Size

997KB
MD5

2bc7d1500129d953ac220cc4b602a25d
SHA1

747f488ff518d440511b48dcff90f306d5818657
SHA256

e6ea05ea9109885d5fa38b56d80c0748fbaacb2c8d63e32c83763cb7138acc56
SHA512

f275218821191b384b098038e7f367bec07b7e23d72370581c4726cede308bf45cf4206f4e6171691e3c3b2e713716b4fc740035111f3dd81f021deccd367ea4
SSDEEP

12288:D9d2iNjJz/IIHF3fKqHy5/Z4Vds/o25WI8EsKw1AvoFBpS2OB/:Dn1NJz/IIHFv9H24Yo29sqv8pSbB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Swift Mesajı.exe

Files

Swift Mesajı.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

XhuH.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 705KB - Virtual size: 704KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 291KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ