becc5f8a1853bd9854bd13aceae7fce6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

becc5f8a1853bd9854bd13aceae7fce6
Size

116KB
MD5

becc5f8a1853bd9854bd13aceae7fce6
SHA1

6cdb0317536015e990ef69c5e8f82350f769d1a9
SHA256

f47bb84ddafa7cfe8f5fd032329bc7e2832281c29056377251752c625eb6b3bf
SHA512

038aaed16659823e496022fa63653e4c1b0458525062a7be34b2c900711ddb9f55e461c7cfd3c6c2b845643616d18d5d99466c118d46fa7cdf089437e3d4722b
SSDEEP

3072:2srbFcp/BRgCulI4whChfRSdsMJyNe/VlX8yxl:drRcp/BRgCjfYfRSdsMJme/rs0l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PHOTO-GOLAYA.exe

Files

becc5f8a1853bd9854bd13aceae7fce6
.zip
PHOTO-GOLAYA.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ