0b6fe474490bda03509f83d6fdff1018 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0b6fe474490bda03509f83d6fdff1018
Size

132KB
MD5

0b6fe474490bda03509f83d6fdff1018
SHA1

9dbc6c858788d4c01875ccad57f37b1337283447
SHA256

1d17cf473376f4e7d1b29ce422235f5a07c3e3160b949603d0c5d2d3fd4d5131
SHA512

3aecad3f6d9cee284e0b6c900305fd84ded3f7105e1052ef1c657b2f6bafa52a75861ba6453e98b7f5b6fa1e75d697e7cc76cda3eda69fda3d682abc0c0931b5
SSDEEP

3072:vrz/BRgKl+bsTJbUeosb3WPIoSdJ64Jbj:vP/BRgKwgNUtSWPIoSdw41j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/GOLAYA-DEVOCHKA.exe

Files

0b6fe474490bda03509f83d6fdff1018
.zip
GOLAYA-DEVOCHKA.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ