086c984c125708675cedf3e735ddbbe0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

086c984c125708675cedf3e735ddbbe0
Size

88KB
MD5

086c984c125708675cedf3e735ddbbe0
SHA1

678f74fc1c29ba3873baffc49658c1f6e1604e83
SHA256

27f8556087edd83fdd44e822a2b69f7bac3352f5e79b330f3059f03a98a3b277
SHA512

6b51ddb2221eb4445f379e1a3a8d2598f60e52f44d5efd361d3b5149cc3ae3a0e1031420a7e45e601bad14b0649741a1c87a5c0b0d0df27307cfc46cdf6d08ba
SSDEEP

1536:CQwHfvMS0xcGxFyhQkrnb1Mq9WbB7fS+lE+dFNpRD+xIh7N0YNPrEiJolmp:CnHXMpxcGxFyhQ0bOqYxf7v3YKj3JoUp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/GOLAYA-BABE.exe

Files

086c984c125708675cedf3e735ddbbe0
.zip
GOLAYA-BABE.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ