Bank swif[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Bank swif.exe
Size

754KB
MD5

81986a4afb9789af1e43ad205779a107
SHA1

15b756c2b3877d0cb1100e46aa3a7c6bbfcc9ae0
SHA256

fa28f86180684ba58f4fb1ed6e1fce0ddc1061a3a858150a18891202fcd36a05
SHA512

76ff5dadbd638640a4f2f99e2fee383483a489070ddef1cc7a22d4feb0d1b01d61ef96bfa4bfd22776e5272a0beecd5586fdea074099ad0aeed067a00377cd9e
SSDEEP

12288:UNta0s5YgbYE7cXSU8vxT+ELRtwCdKVYS5cZe/e73X5Z:TL3cE7sEZfL4C1qa3X5Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Bank swif.exe

Files

Bank swif.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 752KB - Virtual size: 751KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ