HEpu SWIFT[.]gz | Triage

Sharing

General

Target

HEpu SWIFT.gz
Size

764KB
MD5

0c6f4146bdad5de7d7c20580bf93a868
SHA1

f2979261af5d91055f3cb6f6889f02c78f60af60
SHA256

168ba630d1cfa3ee1831269749c68e25616e4b70e54436bb032da2e207c3c651
SHA512

fd9401e616e15915433085b5fc03bf95cb20b3de75d6226aa2f0d96215751c1babd0affdcaa0690f8ff88960b7fb007007bc0a381fb12c8c8b183631ec8a8220
SSDEEP

12288:xR8vQhwlnN6E42gN0p3hThtQAq9f9omDdcvHgkaZpLSP7cLWRv3SERciH+qu:gtnkE42DRltQAq9f9omDdcoPZpL4x39K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/HEpu SWIFT.exe

Files

HEpu SWIFT.gz
.rar
HEpu SWIFT.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 812KB - Virtual size: 811KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ