SWIFT[.]zip | Triage

Sharing

General

Target

SWIFT.zip
Size

676KB
MD5

633c765659549be9d82dffe1ae7230a1
SHA1

734d92321a1861ed456122c694810d3a45735fcc
SHA256

65960e8e90eade93847ff6be4cb9f271c97b69f76e633e1a38fd0230c1ccf911
SHA512

6448afff6f13d769022e9c8bc11909070589da90dea03dba368d4c676e7fc4588e1271a4d9ac2feb733e37e3b00c0ea268d6dbbab091c489308b8dd5ba8ad6d8
SSDEEP

12288:+4qhgPt8rE5ChFr2kn2UvXFpKVaH4HIW1dLapIMU6rbssxy3S4+r26s31ci:+6t8rx2kn2UvXHKoHwIWPO/rbfxy3SLS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/b5Tu0LaQfn6bnAD.exe

Files

SWIFT.zip
.zip
b5Tu0LaQfn6bnAD.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 787KB - Virtual size: 786KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ