urelas | 2945a15d5c7c60a8cff15a6e932d806900fea3cb2d91535df0bbf1560167e7e7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2945a15d5c7c60a8cff15a6e932d806900fea3cb2d91535df0bbf1560167e7e7
Size

170KB
MD5

4463909d9aa6d9436cc08ade71c7778b
SHA1

c1718956e1d096626d18e851c80f52f8579033cb
SHA256

2945a15d5c7c60a8cff15a6e932d806900fea3cb2d91535df0bbf1560167e7e7
SHA512

1ded05d0aef2989756ff57db303442be099d77440edca80dc558109a91fedf2fb17425ce66e298ecd3e5d356b1941a47e14aebf444b6080982c0b3629d46dd08
SSDEEP

1536:C01+VO8LWbp4Zt/kvT2/AWbAoUETLKyUGDeF3eP8UVu065RG0/bpHwk5feKcSS8i:C019Tp4biALbUGc065Q0jpHwUcj

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2945a15d5c7c60a8cff15a6e932d806900fea3cb2d91535df0bbf1560167e7e7

Files

2945a15d5c7c60a8cff15a6e932d806900fea3cb2d91535df0bbf1560167e7e7
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 69KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hkhdgrgf
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ