135dce1fb99e63b66cbb1ca5a02c5db1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

135dce1fb99e63b66cbb1ca5a02c5db1
Size

131KB
MD5

135dce1fb99e63b66cbb1ca5a02c5db1
SHA1

ee62c61221a6994cfa5c12e0f5e067d054e5e64f
SHA256

1dceb7174dcc20d37a2b8add0a988a3ee0e886a8d847d58fa5b9868f76b72eed
SHA512

8cc3a8503ab929275d313b7c95cb5e30f48aaf4f282085d3234e526cfff96e1702464ccd2a76a49193417cff93822b5b3e47a69aa03fdb3252513cf97cf8a676
SSDEEP

3072:GnHXMpxcGxFyhQ0bOqYW6Qn6RuhCmICnACTIUAf9QnwhmHn:iHmGY/o0W6Q6R8CsnVTI4wh+n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/GOLAYA-BABE.exe

Files

135dce1fb99e63b66cbb1ca5a02c5db1
.zip
GOLAYA-BABE.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ