Static task
static1
Behavioral task
behavioral1
Sample
b5Tu0LaQfn6bnAD.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
b5Tu0LaQfn6bnAD.exe
Resource
win10v2004-20250314-en
General
-
Target
SWIFT.zip
-
Size
676KB
-
MD5
633c765659549be9d82dffe1ae7230a1
-
SHA1
734d92321a1861ed456122c694810d3a45735fcc
-
SHA256
65960e8e90eade93847ff6be4cb9f271c97b69f76e633e1a38fd0230c1ccf911
-
SHA512
6448afff6f13d769022e9c8bc11909070589da90dea03dba368d4c676e7fc4588e1271a4d9ac2feb733e37e3b00c0ea268d6dbbab091c489308b8dd5ba8ad6d8
-
SSDEEP
12288:+4qhgPt8rE5ChFr2kn2UvXFpKVaH4HIW1dLapIMU6rbssxy3S4+r26s31ci:+6t8rx2kn2UvXHKoHwIWPO/rbfxy3SLS
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/b5Tu0LaQfn6bnAD.exe
Files
-
SWIFT.zip.zip
-
b5Tu0LaQfn6bnAD.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 787KB - Virtual size: 786KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ