Behavioral task
behavioral1
Sample
bfb2d0ba26e58380d9726ff90275fd8d.exe
Resource
win7-20240221-en
General
-
Target
bfb2d0ba26e58380d9726ff90275fd8d
-
Size
236KB
-
MD5
bfb2d0ba26e58380d9726ff90275fd8d
-
SHA1
51b2ae4a3eb1d814eb6c6e288ba51a14d7667b0f
-
SHA256
0f09f3e21430744c3c858ea52acccae0a78e5f4877db67888907d0b524694c2b
-
SHA512
d71772f65ff878657b2febbe785ac5c8e4351b2804220c8fa3ba748f674d11ef3eebdc15f80d20cac9336b4ae03370c4bbae96b2e944e4f86b1ab20fae415769
-
SSDEEP
3072:K8ASpvo0LKrXEX65ezpxJ2kbJ7mv73E2o/9sY2R:ZASpvo0LKkRzpxJ2kRqroiR
Malware Config
Signatures
-
Urelas family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bfb2d0ba26e58380d9726ff90275fd8d
Files
-
bfb2d0ba26e58380d9726ff90275fd8d.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
BIDJOWDP Size: 155KB - Virtual size: 160KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
BIDJOWDP Size: 79KB - Virtual size: 80KB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE