1b5ee2bafa5b2e9f2d8eaf983e6f2331 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1b5ee2bafa5b2e9f2d8eaf983e6f2331
Size

128KB
MD5

1b5ee2bafa5b2e9f2d8eaf983e6f2331
SHA1

770e4ba697508f194281dbde1981fe897273c14d
SHA256

3b688f11a342e8145bec049d8db903f2f2ddb4054264608d762ec74b89248833
SHA512

f9bbf7b065feb8fb8d89fb9b430c88c37f0bb6b2b9edf9b9d539eff7d04c8cdcf0f69bbae65a83dc996ac31d8ed3109a5410b2fc79d756fb0a85dafee815baa4
SSDEEP

3072:AnHXMpxcGxFyhQ0bOqYoxIcEWubRNcPe9d8T2y:YHmGY/o0o+hBbnF9GCy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/GOLAYA-BABE.exe

Files

1b5ee2bafa5b2e9f2d8eaf983e6f2331
.zip
GOLAYA-BABE.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ