74f2a6406642b79a516e873a379fbf4b | Triage

Sharing

General

Target

74f2a6406642b79a516e873a379fbf4b
Size

124KB
MD5

74f2a6406642b79a516e873a379fbf4b
SHA1

609f0748426d094b5555bb3f7a20a04a2ac40672
SHA256

dc21b5ce1f8e1518045def5cb1a6917ac894bb679dd6cc8082f5b24375c94b2b
SHA512

94489a45dab36d96f19b764859def4b51143578ad4e31bfb9b8106826ef9033265164b4dc48b8c0481f3ee19e09cfb9c057058a83dcb53b31ee5ba90d75a2882
SSDEEP

3072:Vl0img13tG90HdQ3SqtRaAUjfdaBdE3SrmnbmO2M41Mmi:VljpD9Q3TtRq7Unrwy1Mmi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

unpack001/PHOTO-GOLAYA.exe

Files

74f2a6406642b79a516e873a379fbf4b
.zip
PHOTO-GOLAYA.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ