21012025_0918_20012025_completed payment Swift[.]zip | Triage

Sharing

General

Target

21012025_0918_20012025_completed payment Swift.zip
Size

498KB
MD5

dd6dbcce85bcf0fa1cb0551865be7a6b
SHA1

e7680679f36dae0c60579b6f03e941726017ea36
SHA256

8951d42cd54ee24819e35270f5106ce547cbd23ac8a97e43135be5c6f4da79e9
SHA512

91ad3e8bea4859e7a4da58c4b8929ac144927bd208a547b1422e65483bc151d9096c565d335841c2b494e149d2512b7f38571960709cf06f4a24d9bf643fe62b
SSDEEP

12288:Va7xuLiBuItRc5F0zmu2C2KtqtaQfkE7GwQD+:VaMLWuCcomu2C2xYQfziwQD+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/completed payment Swift.exe

Files

21012025_0918_20012025_completed payment Swift.zip
.zip

Password: infected
completed payment Swift.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 515KB - Virtual size: 514KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ