73519f937ce56d1f234e285707f61f33 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

73519f937ce56d1f234e285707f61f33
Size

128KB
MD5

73519f937ce56d1f234e285707f61f33
SHA1

852f542ca038747b6fea9e844364339bc255ba34
SHA256

e4fc6f8008354854cadf8ac18f34254e597d2c609928bdf72ac94b16ecb53a7b
SHA512

884236705f2474ad093aba2b3f081f3f501030ed6395814960fd7f2f296da4e3b68a07f993e859df83bc32966f94d61f8916cc0d02799299792073a7dd0b02ac
SSDEEP

3072:TnHXMpxcGxFyhQ0bOqYoxIcEWubRNcPe9d8T2G:7HmGY/o0o+hBbnF9GCG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/GOLAYA-BABE.exe

Files

73519f937ce56d1f234e285707f61f33
.zip
GOLAYA-BABE.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ