57a61cd6fa84392ade3bf7d4975dfff5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

57a61cd6fa84392ade3bf7d4975dfff5
Size

99KB
MD5

57a61cd6fa84392ade3bf7d4975dfff5
SHA1

3a39e32edf62c65a33d4a93d9e070da7e4728a60
SHA256

459a474497c851e4b461f1f37a76b02822cdc2fcad2916d3a9890afe1c665454
SHA512

4e83cac8408798ebed1e5f81d1f4f3696946c25a233d6dc5c02879dd438118c2a9e8736bfb79a0564fed1b9071e4e004e537a9c258ef98719b5aebf84377817b
SSDEEP

3072:V47excGxFLPkH9SnbZDaUlIl+b+blR5+BVA6:V+eGYtPk0Z+U2l+b+bj4BVH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PHOTO-GOLAYA.exe

Files

57a61cd6fa84392ade3bf7d4975dfff5
.zip
PHOTO-GOLAYA.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ