Behavioral task
behavioral1
Sample
4b448d094eafabc03bbc4a2f7e162b2306542084c08e1eacb716b07bcd0935ad.exe
Resource
win7-20231129-en
General
-
Target
4b448d094eafabc03bbc4a2f7e162b2306542084c08e1eacb716b07bcd0935ad
-
Size
370KB
-
MD5
b33392085cac871c0419f5dfe397dd88
-
SHA1
2d960bf4926db71fdb34d9af1e23916919e01738
-
SHA256
4b448d094eafabc03bbc4a2f7e162b2306542084c08e1eacb716b07bcd0935ad
-
SHA512
611112722e3c71fb167bbfbc2ccbff808d0c3012d7d2710b9511d84274198c75b42fcba3397c655e73d776c7b8c025b446d24e3d741e7ffd6edcc3ecd399fc8c
-
SSDEEP
6144:CuJkl8DV12C28tLN2/FkCO0aHftvCGCBhDOHjTPmXHk62p8:CzGL2C2aZ2/F1XaveOHjT4
Malware Config
Signatures
-
Urelas family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 4b448d094eafabc03bbc4a2f7e162b2306542084c08e1eacb716b07bcd0935ad
Files
-
4b448d094eafabc03bbc4a2f7e162b2306542084c08e1eacb716b07bcd0935ad.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 100KB - Virtual size: 99KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 21KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 226KB - Virtual size: 225KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ