urelas | 627fd0a7ea5c18312579d5e8f434d9a9_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

627fd0a7ea5c18312579d5e8f434d9a9_JC.exe
Size

268KB
MD5

627fd0a7ea5c18312579d5e8f434d9a9
SHA1

2c3dacc531d0f81dcf7f0266a36fc1a1d9e0a025
SHA256

d232bfb44c2b6cc399ee13c1ee53fd541050bc2fc1270dee75539ebf1a5b98f1
SHA512

d9a2996cd5cc247a61fcdf5132f8a38b5816898e75a49f4a3b5fb40682654164411802bb6bc91b53fc39743401a0a3ccd5dbbf588a4ad64e1fcada176ae37e77
SSDEEP

6144:bGOMmhsKI2ir5crKFHLZx2LpLDXeZOZhxOWpA:bGOIB5crKFHLZx2LpPeZOi

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
627fd0a7ea5c18312579d5e8f434d9a9_JC.exe

Files

627fd0a7ea5c18312579d5e8f434d9a9_JC.exe
.exe windows:5 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ