74343457e9c09a435949b1e6448324fa | Triage

Sharing

General

Target

74343457e9c09a435949b1e6448324fa
Size

100KB
MD5

74343457e9c09a435949b1e6448324fa
SHA1

561819c67f7edf55daa9fab8666f57b6ab0fff23
SHA256

3b5a4731f3e52c7217a4e68feaf58cae6c3f0a3e35ea18b924efe9eeae1dec6d
SHA512

cbcf75b59229e83bdff57b672e5c8a787ad35bf82b63ed9c33a9dd3edfca2c4900c4dca2f18861beb88812d2db8d519d6d9153e930acb1e3ec25cef3440cc636
SSDEEP

3072:z47excGxFLPkH9SnbZDaajUVJcRw443hjzG3WA8ujM1jN:z+eGYtPk0Z+TJcRw443h/m6sM1x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PHOTO-DEVOCHKA.exe

Files

74343457e9c09a435949b1e6448324fa
.zip
PHOTO-DEVOCHKA.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ