Static task
static1
Behavioral task
behavioral1
Sample
Swift_FCP240522532.PDF.exe
Resource
win7-20240221-en
General
-
Target
22052024_1252_22052024_Swift_FCP240522532.PDF.zip
-
Size
499KB
-
MD5
7186e5f344dd2f9877e16b404db416a5
-
SHA1
6d5c7eea5e3f4a64a1a6c3b7194a3037dd7d5463
-
SHA256
0eaed36cd55d9f368c68e37ca4f22e6504dcd035374214b5841a4cc7fc85229f
-
SHA512
7acdc20e2ee126151fe72acd9031cdb1ad83d37bd2059669b6d9810d5d6d994d408a2ff2d23f100132cd9ab9a7f61cb265bd69250d196421565b65ac4287d9fd
-
SSDEEP
12288:8gbELUh0WgZbs0CYYRegv/M1Kx5BPKYcbzvepe:8jQqWgB5yj01I5BPKvbrH
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/Swift_FCP240522532.PDF.exe
Files
-
22052024_1252_22052024_Swift_FCP240522532.PDF.zip.zip
Password: infected
-
Swift_FCP240522532.PDF.exe.exe windows:4 windows x86 arch:x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 517KB - Virtual size: 517KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ