urelas | 05e9598a420f2fe261cfd91129d4e755[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

05e9598a420f2fe261cfd91129d4e755.exe
Size

381KB
MD5

05e9598a420f2fe261cfd91129d4e755
SHA1

846d3c88975e602a8a84bae40de10df1132490f3
SHA256

9bf5186b17a3aebd64192ee4a48b655bd695b0f029a6705146ae904de62bc693
SHA512

4e4f049639d909ba04119905beab9baf57f3c817003b2ecf31dc5a47b1b4b53a7b0ee1af9005632f1028b69478a1afce872b031994ce4f3ae5138c6dc1ce3843
SSDEEP

6144:GKMvNQn2DlydH3L9KyGdZIoH5j9u7Q2N0Idgm3wIypgIw:MV22DlydH3hydZI45P2WUgm37t1

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05e9598a420f2fe261cfd91129d4e755.exe

Files

05e9598a420f2fe261cfd91129d4e755.exe
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 101KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 213KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

IKJISJKJ
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE