1ca6f20fc9e3cab264385bcb75eef1413b39aa5e914ac7957d7c790dd9e16a07 | Triage

Sharing

General

Target

1ca6f20fc9e3cab264385bcb75eef1413b39aa5e914ac7957d7c790dd9e16a07
Size

688KB
MD5

ce49620791839f0fe04d5d34162c394c
SHA1

179dec0cfbfe81633cbe03ff8df5ed607ffd2a25
SHA256

1ca6f20fc9e3cab264385bcb75eef1413b39aa5e914ac7957d7c790dd9e16a07
SHA512

b176ad72ad2bc094c2ce58d6ecb15db2f8bcfb722c7427987431b75c8293d62102c5032e206d1f14884026e8ae6c03d7bb99e5fcf62a6e56dcb5233173f75bca
SSDEEP

12288:nbb5BB4QJIESLFNST+9lHnRzCJQf/5dGhbKJaBFhapx8QpaQEMQMUE+L3SmG:nbbRfP4NR81hasQYMF+ub

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PAYMENT COPY SWIFT PDF tViyAmQ4Co0RNWZ.exe

Files

1ca6f20fc9e3cab264385bcb75eef1413b39aa5e914ac7957d7c790dd9e16a07
.zip
PAYMENT COPY SWIFT PDF tViyAmQ4Co0RNWZ.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 710KB - Virtual size: 710KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ