22052024_1252_22052024_Swift_FCP240522532[.]PDF[.]zip | Triage

Sharing

General

Target

22052024_1252_22052024_Swift_FCP240522532.PDF.zip
Size

499KB
MD5

7186e5f344dd2f9877e16b404db416a5
SHA1

6d5c7eea5e3f4a64a1a6c3b7194a3037dd7d5463
SHA256

0eaed36cd55d9f368c68e37ca4f22e6504dcd035374214b5841a4cc7fc85229f
SHA512

7acdc20e2ee126151fe72acd9031cdb1ad83d37bd2059669b6d9810d5d6d994d408a2ff2d23f100132cd9ab9a7f61cb265bd69250d196421565b65ac4287d9fd
SSDEEP

12288:8gbELUh0WgZbs0CYYRegv/M1Kx5BPKYcbzvepe:8jQqWgB5yj01I5BPKvbrH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/Swift_FCP240522532.PDF.exe

Files

22052024_1252_22052024_Swift_FCP240522532.PDF.zip
.zip

Password: infected
Swift_FCP240522532.PDF.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 517KB - Virtual size: 517KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ