b8b72a193976661633b294754116b029 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b8b72a193976661633b294754116b029
Size

124KB
MD5

b8b72a193976661633b294754116b029
SHA1

bb737d7e3b1869bd4860fa46426610ee6690b7b3
SHA256

3264e0e5d6f5d240dbce98d34d014f82df615216fef6334bc9489755332cb039
SHA512

138a048e1f77878b525c6ddb6b5358d448628a65d38b643b360449913e14d6187f9583d80520e819706f99c038f21180b81d33209a8f21f7ed70c82958bd6d08
SSDEEP

3072:hl0img13tG90HdQ3SqtRaAUjfdaBdE3SrmnbmO2M41Mm4:hljpD9Q3TtRq7Unrwy1Mm4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/GOLAYA-TOPLESS.exe

Files

b8b72a193976661633b294754116b029
.zip
GOLAYA-TOPLESS.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ