790f8baa64f1243f2b0d45bc2ce313f8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

790f8baa64f1243f2b0d45bc2ce313f8
Size

99KB
MD5

790f8baa64f1243f2b0d45bc2ce313f8
SHA1

da1eef8808b902f4fb0ffb799e6de643ed912ddc
SHA256

6748c85057a19934a9083b6d4c9f0de19dada712298efcf729e6a29e89f4e463
SHA512

3e8cf7384358a6ee2ea96055b818458d7d007f68cac32681d1b068cfb6411a388a9ffc57b0c8717bf7e7ebe13d9cfa76abb03335376d333c008a12a440a7b234
SSDEEP

3072:V47excGxFLPkH9SnbZDa2a0paMyVlk0Vff+PlWfoBM:V+eGYtPk0Z+k0Vff+Pl2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PHOTO-GOLAYA.exe

Files

790f8baa64f1243f2b0d45bc2ce313f8
.zip
PHOTO-GOLAYA.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ