Behavioral task
behavioral1
Sample
9dbdb6701a1cddf57b8b437e0aaa48b1134306e313becff62a76b6a5f37ddd37.exe
Resource
win7-20240221-en
General
-
Target
9dbdb6701a1cddf57b8b437e0aaa48b1134306e313becff62a76b6a5f37ddd37
-
Size
520KB
-
MD5
7aeb4fb5521d15566fbc495db4b72cc1
-
SHA1
a0239f1af6ce25d4e4837a9ff7ef1ee03a11c11b
-
SHA256
9dbdb6701a1cddf57b8b437e0aaa48b1134306e313becff62a76b6a5f37ddd37
-
SHA512
c3eec6503f28ee2af019ea9db49987ab5cc69737816351e6c060c7504d7566163ea45d5559a805a60f43753d27738b4c2395894d47afd43bab626984243bb22d
-
SSDEEP
12288:1dOLKTCqqwXCcdgT89+MvA+BisqYpxHtW:1AlQC+fs0M
Malware Config
Signatures
-
Urelas family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 9dbdb6701a1cddf57b8b437e0aaa48b1134306e313becff62a76b6a5f37ddd37
Files
-
9dbdb6701a1cddf57b8b437e0aaa48b1134306e313becff62a76b6a5f37ddd37.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 159KB - Virtual size: 158KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 35KB - Virtual size: 35KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 267KB - Virtual size: 266KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.htext Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE