912e6a9fe747c4d981137252359864d09ae4427b99a80c0cba1b4a055694e459

Sharing

Copy URL

Twitter E-mail

General

Target

912e6a9fe747c4d981137252359864d09ae4427b99a80c0cba1b4a055694e459
Size

4.3MB
MD5

4311587667a35725ab8aee4bb501c052
SHA1

637736e583183c5af187557d747af938a374fb5f
SHA256

912e6a9fe747c4d981137252359864d09ae4427b99a80c0cba1b4a055694e459
SHA512

57a3b5e7bfa9eccf2530c8b9a7b2324dad0ed17ac2e6cfb78ab79f6c5d0145769aac39d36255729ab7640866051b34fabb4a96af3cd9755d4ef321de20b1c3ed
SSDEEP

98304:5vImrOXytlligCgfr4jh8u9fMxAl03LOL+DxGB/u5Pn+2CDzOdtsL61:51+2ig9mhPGxNM+DxGB+W20OdtMI

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/SwgdClient.exe
unpack001/SwgdCommon.dll
unpack001/SwgdCustoms.dll
unpack001/SwgdLogic.dll

Files

912e6a9fe747c4d981137252359864d09ae4427b99a80c0cba1b4a055694e459
.zip
SwgdClient.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

SwgdClient.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 4.7MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 177B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SwgdCommon.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

SwgdCommon.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 4.6MB - Virtual size: 4.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 365B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 804B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SwgdCustoms.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\jenkins-mli\workspace\swgdclient_ui-devops\SwgdCustoms\obj\Release\SwgdCustoms.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SwgdLogic.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

SwgdLogic.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 878KB - Virtual size: 878KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 209B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 788B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 4.7MB - Virtual size: 4.7MB

.sdata Size: 512B - Virtual size: 177B

.rsrc Size: 11KB - Virtual size: 10KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 4.6MB - Virtual size: 4.6MB

.sdata Size: 512B - Virtual size: 365B

.rsrc Size: 1024B - Virtual size: 804B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 24KB - Virtual size: 23KB

.rsrc Size: 1024B - Virtual size: 808B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 878KB - Virtual size: 878KB

.sdata Size: 512B - Virtual size: 209B

.rsrc Size: 1024B - Virtual size: 788B

.reloc Size: 512B - Virtual size: 12B

.text
Size: 4.7MB - Virtual size: 4.7MB

.sdata
Size: 512B - Virtual size: 177B

.rsrc
Size: 11KB - Virtual size: 10KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 4.6MB - Virtual size: 4.6MB

.sdata
Size: 512B - Virtual size: 365B

.rsrc
Size: 1024B - Virtual size: 804B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 24KB - Virtual size: 23KB

.rsrc
Size: 1024B - Virtual size: 808B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 878KB - Virtual size: 878KB

.sdata
Size: 512B - Virtual size: 209B

.rsrc
Size: 1024B - Virtual size: 788B

.reloc
Size: 512B - Virtual size: 12B