PARA SVIFT[.]exe | Triage

Sharing

General

Target

PARA SVIFT.exe
Size

645KB
MD5

47993e39bf9b7edf439b80a02c9a2445
SHA1

89c7c1d18986b961bb9771264dc39f1749d04169
SHA256

1e81361638134c8e01a9f3e77e59fc9681538cf07418bbcd8fb8be2524854937
SHA512

75fa793fb462ae317e773ef9b256d892849d45ad17bcd5700ab0cbbfc8b1360ac9b3ead9661e471445a2ea970b2ce17db2cf828afabe02e01716f3062a5ce526
SSDEEP

12288:ENFnrd53rD22q1hafRNBHiw5i7dYopdpd5LDFzXcdH9GmSn:ETn3rDIypNBHi7RdhLDJXcum

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
PARA SVIFT.exe

Files

PARA SVIFT.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 623KB - Virtual size: 622KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ