Behavioral task
behavioral1
Sample
d07ae5eb7a8e9c65fd0be420c14a0bb2.exe
Resource
win7-20240220-en
General
-
Target
d07ae5eb7a8e9c65fd0be420c14a0bb2
-
Size
187KB
-
MD5
d07ae5eb7a8e9c65fd0be420c14a0bb2
-
SHA1
ebe8e5114b9fe1f8599b69f4de189676d6624301
-
SHA256
ad3fdf98b8be3c2bc0f7fe96aec6df4bd686fee78f5249cb73aeffe65540b99d
-
SHA512
3bce4a31d8c09ec196497ff7fc5fb534f057b18c6ca291382c06286662f220e99eb89063fce1ba6bbd5826bf9df3bf01f2fe9905f8096628836286fdf1e0e095
-
SSDEEP
3072:u3mvqCDm+W03RB5eUp6UlD/mUKissApfA6y4YHFad:2mvqeP33AYFIN9treHy
Malware Config
Signatures
-
Urelas family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d07ae5eb7a8e9c65fd0be420c14a0bb2
Files
-
d07ae5eb7a8e9c65fd0be420c14a0bb2.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
HOUYDBBF Size: 128KB - Virtual size: 140KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
HOUYDBBF Size: 55KB - Virtual size: 56KB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE