Behavioral task
behavioral1
Sample
606a70aba01fed4c70d53fd642dd84fd591cc9a3876c53b5b701db43d69ee8bd.exe
Resource
win7-20240215-en
General
-
Target
606a70aba01fed4c70d53fd642dd84fd591cc9a3876c53b5b701db43d69ee8bd
-
Size
126KB
-
MD5
2153f974210700b737ccf150caef8eca
-
SHA1
fca441508dcf01dc32afcac02445ad2f62a2a652
-
SHA256
606a70aba01fed4c70d53fd642dd84fd591cc9a3876c53b5b701db43d69ee8bd
-
SHA512
94c38f7bbeaaac0c0577b00336eab700b63265610ba4c9d0afa5476ab5e587c12db0bbe346b1ebbac3e0c35ea21f2f7953f2bde2a2c33d17af322ffc3b021211
-
SSDEEP
1536:4Vih9jjOABjWAqUffzNoBcTwE/sNW4Am8NsuPz4cnSXsWjcdy6YhQ45u7p1Ts:4VSRBPCoLY5RIzNdy6Y245Gp1w
Malware Config
Signatures
-
Urelas family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 606a70aba01fed4c70d53fd642dd84fd591cc9a3876c53b5b701db43d69ee8bd
Files
-
606a70aba01fed4c70d53fd642dd84fd591cc9a3876c53b5b701db43d69ee8bd.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
.text Size: 74KB - Virtual size: 76KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 23KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 4KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 7KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 5KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IOSDWD Size: 4KB - Virtual size: 4KB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE