urelas | 9734ccd5ac4f7d0a76fbedff2d295012 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9734ccd5ac4f7d0a76fbedff2d295012
Size

440KB
MD5

9734ccd5ac4f7d0a76fbedff2d295012
SHA1

ab81acd3ac045c4aa67be0de5b5fe4aaa0a6c92a
SHA256

3c9094447a7eea7a63c6ed469baeae38d828aac618c3729e45dc625f77d4c70f
SHA512

6dca3aa40167447a64579596031b94a80543b0aae92de8fec3175a18ee3b456f94a64c621de346476de8cdb9f2bf1feea9ca2fdf93fe8fc5ada772a19aef228e
SSDEEP

6144:09XG4oXs663ypJL9fWlmGy3AiWd3tWlRjiJEZ8yJt0TfC29qhDD:0MPs663ypJ5WLy3pWd3tWDea5t0TfHaD

Score

10^/10

upx urelas

Malware Config

Signatures

Urelas family
urelas

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9734ccd5ac4f7d0a76fbedff2d295012

Files

9734ccd5ac4f7d0a76fbedff2d295012
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 257KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE