urelas | f9b28ff766bc6d4d768138b77574dced_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f9b28ff766bc6d4d768138b77574dced_JC.exe
Size

262KB
MD5

f9b28ff766bc6d4d768138b77574dced
SHA1

aaa220b728e14550ecda34d57447862a646d5728
SHA256

c5b27461b387bdd358ae725ae77f58072aa1ffa495d6b6ff7663e7a2f9d3aedc
SHA512

3e801e24fd92bd4302e1a5347cb0b2ad0147350be165af76d942f855a6da08d576e194249109207bd48530f14dbcaa856e62aac939892c758c4b336f64f9f5eb
SSDEEP

6144:RZibQcmlVD+BgotLvTtehd1wLIE92FJ1wZycp3HiTn4:R0q+BgotLvTtehd1wd92FJ1Nn4

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9b28ff766bc6d4d768138b77574dced_JC.exe

Files

f9b28ff766bc6d4d768138b77574dced_JC.exe
.exe windows:5 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CHDODWOD
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ