urelas | 76beed71ba705491c5043719b4fa2ad0_exe32[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

76beed71ba705491c5043719b4fa2ad0_exe32.exe
Size

360KB
MD5

76beed71ba705491c5043719b4fa2ad0
SHA1

c838e29f59e4e8339475264bb2050cc7a0e6322a
SHA256

4c62bc8dfed67c74b2415a896b262a27efd062fbf90832ec46c8402dd1c33f53
SHA512

b36294883c4d6396fd1c02b49281808193cf4cb64ca08443c9cdcfa57f3ca789f9cdff6e56dd9d22a8d4548d08a130036b070014d0706b14625165aa98877448
SSDEEP

6144:XVXL9oAlVsHS5dlHJj4cLLVD02vIv/7oS7z9:l6HS5dlHJj4cVY2vqoS

Score

10^/10

upx urelas

Malware Config

Signatures

Urelas family
urelas

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
76beed71ba705491c5043719b4fa2ad0_exe32.exe

Files

76beed71ba705491c5043719b4fa2ad0_exe32.exe
.exe windows:5 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 188KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 79KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE