bb2ee421b7d8ab64b2a39b3eeb0ae8c3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bb2ee421b7d8ab64b2a39b3eeb0ae8c3
Size

79KB
MD5

bb2ee421b7d8ab64b2a39b3eeb0ae8c3
SHA1

514f07013570855514b056312796eaf77e1c24bd
SHA256

98f9eda1f0d8b748c8d06a4ce32dd295ccac516f48689e4e054968ae26a7abe4
SHA512

e664feb0e4a616a2ad9f3b17e89b2c11da4d73b9bda6694fd86e4967a57149e8b9d342542001236572d2e55d498a6f7ce4a19dd84887fd7fadf13bfc7f1d04f6
SSDEEP

1536:fvg1WKQmK74VzprUxe7kvLSPkIJNE9sq0Qs07t+vhAUqHRKKXPTKFnmq/MH5YEAD:fvgEL7Yo4PkH9sIbMpAxQKXP+Fr/MHNK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PHOTO-GOLAYA.exe

Files

bb2ee421b7d8ab64b2a39b3eeb0ae8c3
.zip
PHOTO-GOLAYA.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ