urelas | 1b251f7c96f0dd027474fec67deb808a_JC[.]exe | Triage

Sharing

General

Target

1b251f7c96f0dd027474fec67deb808a_JC.exe
Size

175KB
MD5

1b251f7c96f0dd027474fec67deb808a
SHA1

a7cb75f199e6b5f406305eaae9781127dd25c29e
SHA256

ad2b6b7ad359e82798328079cb289d37c57a208bab79c26ed860668429cd21a1
SHA512

a75bf2bd5d5d451b9dff7583a1d77ee36495065f4c72eaa3fa45f8c1b5f6704bbf1a1e6f05c6592eb8abc2b10a23beee43d43d98913f7e5cb6704a4ab507f68f
SSDEEP

1536:fIN9E8RW2ZgACLU2/NpWb3owdFLVa7h5s3ePOHd265dCKspXmrj4mdUtb9Sc:fIc8RWrNcvXLM7u265wppXCQL

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b251f7c96f0dd027474fec67deb808a_JC.exe

Files

1b251f7c96f0dd027474fec67deb808a_JC.exe
.exe windows:5 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 70KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bijdhfdg
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ