c0567c596e0ad2fda49cd9cff4d45c0b | Triage

Sharing

General

Target

c0567c596e0ad2fda49cd9cff4d45c0b
Size

99KB
MD5

c0567c596e0ad2fda49cd9cff4d45c0b
SHA1

ea717432bbecc017307ac23b38bdb534e04bf047
SHA256

ad2750aac2523be52197b6d427517d5dac150e0158441ecf77d447eef862cdf4
SHA512

3149a0c19a81e3b2dbe3c348920144945c73a7f57328403c4f0aa358d886809e58e45ffbca0a4563f33e684dad993941e4c0b9b8298c0bb265d2e5c2a97b8b49
SSDEEP

3072:Y47excGxFLPkH9SnbZDazFA1XdqXIX4UtjI:Y+eGYtPk0Z+zO/qYI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/GOLAYA-BABE.exe

Files

c0567c596e0ad2fda49cd9cff4d45c0b
.zip
GOLAYA-BABE.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ