3429cf5e123ed2ee7696c5b04ed48970 | Triage

Sharing

General

Target

3429cf5e123ed2ee7696c5b04ed48970
Size

95KB
MD5

3429cf5e123ed2ee7696c5b04ed48970
SHA1

a752cb5aa4c4a21407daac1d25fcd517ba56e0bf
SHA256

88bbeebbbc8f5e785357fd9b61d328c81aa3061994169015511899d9a7445fee
SHA512

afdc9ea17a3367324966f956dbe719004fd677c345f570ddf0a5c81f6183506eff7b17981f19018b590425b58c4c4298f32379c755548d4d9320b74d4fc19d7e
SSDEEP

1536:7vg1WKQmK74VzprUxe7kvLSPkIJNE9sq0Qs07t2vtLPGyMMobvZb6Zh3SuhUosHw:7vgEL7Yo4PkH9sIbqIyabveMuhUosaoW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PHOTO-GOLAYA.exe

Files

3429cf5e123ed2ee7696c5b04ed48970
.zip
PHOTO-GOLAYA.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ