f8c363d639f164eb8a76b0c6e1270fbd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f8c363d639f164eb8a76b0c6e1270fbd
Size

80KB
MD5

f8c363d639f164eb8a76b0c6e1270fbd
SHA1

f9232d3b1751bc83a3ba98808e93c576fca83c85
SHA256

61fb6bf699e457bb9f959b1340ad8cf3912410efdd6971f58fe0256810f33074
SHA512

e2c52f8cb285408cdbcf8be0acf4a29cab79415f7df274824aa72445543961d696f20f6bf1a119a973bd9506b396cc0275725a439eacf5d03f56e3996806cfb5
SSDEEP

1536:IQWQFGFI/PvgCRN59/iWfGXnXn8j5oWKg7LB5Eux3txe/:Xrz/BRgW2nIoz+d5EuLxS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/GOLAYA-RUSSKAYA.exe

Files

f8c363d639f164eb8a76b0c6e1270fbd
.zip
GOLAYA-RUSSKAYA.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ