Static task: static1
Behavioral task: behavioral1
Sample: urban.dll
Resource: win7-en-20211208
General
Target: 750188ca7e0792e8c2c8db030c92403562c31d96ce5b6e23cec0b34fbc6c64ee
Size: 262KB
MD5: 421d1fd2f422040139978241de24850c
SHA1: 16d3c82e93d6824033f23236f8f6315b1bd82557
SHA256: 750188ca7e0792e8c2c8db030c92403562c31d96ce5b6e23cec0b34fbc6c64ee
SHA512: 422ad0f248a8f710105f28faa3968738baf01793a956e78710191746d7b1e3a971e34ebb55c4c7c5c518b63918738f0208f36f9e2507514e10dab1c665a68fa1
SSDEEP: 6144:DL//bltuFW4HdcgS1b05CHoqfhugTtsO0t++ofqrQlA6:DLnblYFW4HBS1b06oqfhHAt++oft
Files
- 750188ca7e0792e8c2c8db030c92403562c31d96ce5b6e23cec0b34fbc6c64ee.zip
- brutal.rmvb
- rooftree.org
- secretion.go
- slug.gz
- spatlum.thm
- urban.tgz.dll windows x86
f74f2740d5eda04ae25f3ae74ab6eb2d
Code Sign
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualProtect
GetStdHandle
Sleep
CreateProcessA
CreateSemaphoreA
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
CloseHandle
SetEvent
ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
RaiseException
RtlUnwind
GetLastError
FreeLibrary
LoadLibraryExW
InterlockedFlushSList
QueryPerformanceFrequency
HeapAlloc
HeapFree
HeapReAlloc
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetTimeZoneInformation
GetFileType
GetFileSizeEx
SetFilePointerEx
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
ReadFile
GetProcessHeap
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetStdHandle
ReadConsoleW
HeapSize
CreateFileW
WriteConsoleW
Sections
.text Size: 187KB - Virtual size: 187KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 137KB - Virtual size: 137KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 67KB - Virtual size: 408KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 1024B - Virtual size: 768B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 10KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
- vanilla.xz