urelas | 37580bfd7ed8e38ea63f6d49e4e8339d99793925d721ed57aba27992723d3dad | Triage

Sharing

Copy URL Twitter E-mail

General

Target

37580bfd7ed8e38ea63f6d49e4e8339d99793925d721ed57aba27992723d3dad
Size

487KB
MD5

42bc63e2b610142a7932870687e857d9
SHA1

128bafe11ce819f8f04f795ba2cd950ff7ccc2e0
SHA256

37580bfd7ed8e38ea63f6d49e4e8339d99793925d721ed57aba27992723d3dad
SHA512

664c8a3c8da619256bdcdcdc14495e30aed2e6126e46198ca8190d4210580bf7b4a3e637e9587e2d713ae2f1166f81edd0a0a75dbe7d72dc41a99e7fc80134a0
SSDEEP

12288:Vpbvglu0agWSFnxAEwKyLH8l+O9H6s2si2XfxKTbeP:VpbXi5xzFUBaazsiofx8C

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37580bfd7ed8e38ea63f6d49e4e8339d99793925d721ed57aba27992723d3dad

Files

37580bfd7ed8e38ea63f6d49e4e8339d99793925d721ed57aba27992723d3dad
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 152KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 245KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ESER
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE