f7a0d860cb114e0734126c11f13e01b106d79fbd060eae0e3f511147cf31a8fa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f7a0d860cb114e0734126c11f13e01b106d79fbd060eae0e3f511147cf31a8fa
Size

769KB
MD5

4b200343e582bc6991d423d49f3eeeec
SHA1

e05f93451d2426822ab16b7272537efa8ee7812a
SHA256

f7a0d860cb114e0734126c11f13e01b106d79fbd060eae0e3f511147cf31a8fa
SHA512

5810fd6c1e52b45c75d33b5a0ae8c7c61831b9400af2f421f914f26132d13191432ed57b03f2134d7b98590ac921456493166406ebcf0a473c635b52ce08a1ef
SSDEEP

24576:GO26bOEuibUxXW6bsSxAs2SlhVz/M/BRls+WGXsBk5MJ:GO26bnuibUXwCllhFk/Lls+WibMJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Swift Copy Of Pending payment.exe

Files

f7a0d860cb114e0734126c11f13e01b106d79fbd060eae0e3f511147cf31a8fa
.zip
Swift Copy Of Pending payment.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 820KB - Virtual size: 817KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ