Behavioral task
behavioral1
Sample
c61e4c357290a31faca4db045b53cc112cad3ac615f167ed3e54bf837bc13afe.exe
Resource
win7-20240221-en
General
-
Target
c61e4c357290a31faca4db045b53cc112cad3ac615f167ed3e54bf837bc13afe
-
Size
201KB
-
MD5
3d20deb54ee3306d88850606dedb6737
-
SHA1
44a0359d73aaee8be34498397595ec796e7f83b3
-
SHA256
c61e4c357290a31faca4db045b53cc112cad3ac615f167ed3e54bf837bc13afe
-
SHA512
58f6f6c14c17db51c436c1c2b7b166a5a91fa07cf184358a4a643de46557fd5e4c88d5c00ac775ca76f5d3ba6f3a1c40a6c278e4fedb723de3326cff2d0fda5a
-
SSDEEP
3072:llfTVlvfdEDRmyc+XA60Kj4omjuVZ6rNp0Vh:lpTV9rZllomjuCNp0f
Malware Config
Signatures
-
Urelas family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c61e4c357290a31faca4db045b53cc112cad3ac615f167ed3e54bf837bc13afe
Files
-
c61e4c357290a31faca4db045b53cc112cad3ac615f167ed3e54bf837bc13afe.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
HHSUHUDH Size: 128KB - Virtual size: 148KB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
HHSUHUDH Size: 60KB - Virtual size: 64KB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 5KB - Virtual size: 8KB
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ