75a7ff993e07ada17bacb275e8a6a1b6 | Triage

Sharing

General

Target

75a7ff993e07ada17bacb275e8a6a1b6
Size

99KB
MD5

75a7ff993e07ada17bacb275e8a6a1b6
SHA1

ffd2e226b1c7bdce066792c57293d64a8d9838d1
SHA256

26dba158868b3d7326334e4a624970cacec0e3259061e548e7cf525244a0ab2b
SHA512

c53490374b92aecaaa027c5eb2b342df50171525d2b74d7db7f68c468a9c9eef460320086893a08f05e4c03a7be50e26d83c5dce1cdea8f2364865c33c78e9d7
SSDEEP

3072:547excGxFLPkH9SnbZDa2a0paMyVlk0Vff+PlWfoBY:5+eGYtPk0Z+k0Vff+Ple

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PHOTO-GOLAYA.exe

Files

75a7ff993e07ada17bacb275e8a6a1b6
.zip
PHOTO-GOLAYA.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ