COPIA DE PAGO SWIFT[.]exe | Triage

Sharing

General

Target

COPIA DE PAGO SWIFT.exe
Size

650KB
MD5

c17bf2429aa2d5762a183ddfa50e6b09
SHA1

4a12f5318bbf2c8b5e6bc0cde4860fb6e1e1ea36
SHA256

d2771de5bfa94a9b82ebf960006227bdeb8367f719ded9e74de6fad8f0cbdc47
SHA512

d0f27aac33d8a53755556744e664080817c6007ab271a3bc399ea2530214f17deb5de4c9ea6d3448aa94d2fb10f3a027acb306a9f4749c5a0a39400a32128740
SSDEEP

12288:BaAvfzT370wk9pcvemOOfGZ3ZhItqshitK1cjjd6vlTg8Yglnnx6Jkc0/xh2/:0d9pOe4fG1ZhGRit02OlTgpglnnx6Jp+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
COPIA DE PAGO SWIFT.exe

Files

COPIA DE PAGO SWIFT.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 640KB - Virtual size: 639KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ