439db715a8093690de410b00f9f39c768891c6f0dcd79e7074b03c27cbd68dcd[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

439db715a8093690de410b00f9f39c768891c6f0dcd79e7074b03c27cbd68dcd.zip
Size

690KB
MD5

cbabe0eea969ff686158058669088238
SHA1

38073e67cd4dc8f30ee702995895cb6adbae0d84
SHA256

439db715a8093690de410b00f9f39c768891c6f0dcd79e7074b03c27cbd68dcd
SHA512

3af3465c96f7b061a8d580969286e3da37067add454ccf5f5c27b264283385ec7090c077566dc7658c9042e508b0f1212df71a09cbef740f823d6694ce2ac25b
SSDEEP

12288:1cYZOh41pbcETCzdq4BT0UYmADw5MZmQDJZUNjkvQy+tp5GuRhkKsXf2MvZ:1hZOhibcEmgcHxAnZ50NjkobtpFTsP2M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/swift copy.exe

Files

439db715a8093690de410b00f9f39c768891c6f0dcd79e7074b03c27cbd68dcd.zip
.zip
swift copy.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

NPRD.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 690KB - Virtual size: 688KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 168KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ