urelas | 228f9fe5dd7b24dd955e9e91765dbc8a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

228f9fe5dd7b24dd955e9e91765dbc8a
Size

208KB
MD5

228f9fe5dd7b24dd955e9e91765dbc8a
SHA1

a78afc390ff41bc5e97154b46e0eadf229ceb958
SHA256

4437a7130af4553bcf1b676aad12319ce9dfa77ea530341e83d8904e39c73535
SHA512

f20a0eedae81a2baaab4b7fa85d5252b59a646c12a810ed4283515f3f450e9cd16d9d130a77c547b3b316b9365deb43e3b5ae3225e82b5a0e0c799a22a4eeb41
SSDEEP

1536:1BucKHs7K2HEG7BpoWiZBYHs977q+7INVdU2Aneb61TVcz+3MJb6rcU:PuchogM57bIL+eb61TVa+3MJb6v

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
228f9fe5dd7b24dd955e9e91765dbc8a

Files

228f9fe5dd7b24dd955e9e91765dbc8a
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.MPRESS1
Size: 145KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE