Swift copy $450,0000-PDF[.]exe | Triage

Sharing

General

Target

Swift copy $450,0000-PDF.exe
Size

702KB
MD5

c8f51087ac5998427db880ffbc92a982
SHA1

c7c36dfb0200d25c5e14803b9f72840eb21baeea
SHA256

13044102c3e4f2009818dd287ae2d106f2b5682e4a5ac064edb123d3f7fba44f
SHA512

569d5b76cf77b121a315f19fe30db1966a6dad4e8c8fb2862ded03348d07856128b8560957fec7c23d8f3cbf03d6b9397f7ae3d485f0f45dba7b0f5e95971da6
SSDEEP

12288:ijEZnykU4xOX+xXONwDhDfBrBFV9J6PPaCSqOMJ+bizIVs/5wFLHLs0HCpdSizt3:cT/J+gGDJFVZMJ2VkGFLrszpd0CnJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Swift copy $450,0000-PDF.exe

Files

Swift copy $450,0000-PDF.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 699KB - Virtual size: 699KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ