urelas | 388ce8c6a63a2c0567ce2e6c5c8ce172 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

388ce8c6a63a2c0567ce2e6c5c8ce172
Size

168KB
MD5

388ce8c6a63a2c0567ce2e6c5c8ce172
SHA1

8784417443243904b095962783183db42b486bf9
SHA256

da6e8bddff4dd6c694f50121fdd668e73d5d10554598d3e162aaf9154daea30d
SHA512

52c730df7e3df1e669ff274268d421d7c8c206c51afb856d623249fb23aa546baa8801308f0c0958bb7add304c6171dd5cd7bf96f4c283ec0b05254f18c54631
SSDEEP

1536:eADA0Wbt1931D2P7BWLQ4zR4LUKMcPHFE3HP/GTW65CGEgvpxyTf/T:eADA0Wc7UJ6LZMaHLW65DE8pxWz

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
388ce8c6a63a2c0567ce2e6c5c8ce172

Files

388ce8c6a63a2c0567ce2e6c5c8ce172
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 69KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cxbvjsnd
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE