Behavioral task: behavioral1
Sample: 8d4c5a4c7833c0eb1780de83a963a1c0_exe32.exe
Resource: win7-20230831-en
General
Target: 8d4c5a4c7833c0eb1780de83a963a1c0_exe32.exe
Size: 194KB
MD5: 8d4c5a4c7833c0eb1780de83a963a1c0
SHA1: e14e167f297b8280b8e297c66cdfbe68f4473512
SHA256: def62f965de4a6d082e42d2d732a4bed624850b30c0ca7b499729ce091df8568
SHA512: 380f7222cbe6c4993a480bd51ef4ca2baae01045e4ac9dfadf3d4a14fc790901f4dbb4f935db14e2088ccc8e5d657d87c62730331024613624a45c4ab53d413f
SSDEEP: 3072:ulOCNlACeMKV6ETiiXd60iuic+XzoWad5N443nsexI:ugCNSv6p8lec+cTiqsexI
Malware Config
Signatures
Urelas family
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource 8d4c5a4c7833c0eb1780de83a963a1c0_exe32.exe
Files
8d4c5a4c7833c0eb1780de83a963a1c0_exe32.exe.exe windows:5 windows x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
GSUDUHUW Size: 128KB - Virtual size: 148KB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
GSUDUHUW Size: 57KB - Virtual size: 60KB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 5KB - Virtual size: 8KB
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ