76491d1e50d31aa91f7bc1d1086dcb6f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

76491d1e50d31aa91f7bc1d1086dcb6f
Size

127KB
MD5

76491d1e50d31aa91f7bc1d1086dcb6f
SHA1

74467b60a4145ca774a6244a7f2f6980056cc064
SHA256

c8ff09f9bf656962ac20b531b56af97a39b434dd441dc344be3c841c17d90be0
SHA512

f0e2fbd3c5293b33c839a78a049c3254c45550f4aa3059e6eb7d4bb9207f48e6d130d1524179fb2d1fa7673b665a3761fae12a4c3e3a9429b9962ab26a8f7b5c
SSDEEP

3072:DvgEL7Yo4PkH9sIbkifAC+7s7UvVCT2JwAQNWSzx4i:DvgEPYo4PkM9JvVCgwA5S1/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PHOTO-GOLAYA.exe

Files

76491d1e50d31aa91f7bc1d1086dcb6f
.zip
PHOTO-GOLAYA.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ