urelas | 29e1c4d571b1e26f2e4a8653d84c00c0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

29e1c4d571b1e26f2e4a8653d84c00c0
Size

578KB
MD5

29e1c4d571b1e26f2e4a8653d84c00c0
SHA1

36d357099725499fa13bbe823ee6be67c7122e6d
SHA256

612738fa1c62e7e9e223d08c6b1311e02f7f7c779b67b8f1237a41e0fbc5f715
SHA512

fe0de56a69c3a423e707ae8e69f821d0c2eb12f31c4ce46d01fa7dd346b15feb88e040c10d048f45c0b0fcd1677acf8d45856717a497817e765c374ebc9e278e
SSDEEP

6144:eajY1oC+/U8Vjlx4kk9HKda4L383j8hpdoSQbQFsrF1W/h84IrV7mMpH8zQW4jQ7:uOlx4kk9HKda4Y38oSiQi4kVdcQzjG

Score

10^/10

upx urelas

Malware Config

Signatures

Urelas family
urelas

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29e1c4d571b1e26f2e4a8653d84c00c0

Files

29e1c4d571b1e26f2e4a8653d84c00c0
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 253KB - Virtual size: 432KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 92KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 226KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE