urelas | 38665bc2148b799ce6674662eefff77b5003e0fa61507c55e57a5860998b38ac | Triage

Sharing

Copy URL Twitter E-mail

General

Target

38665bc2148b799ce6674662eefff77b5003e0fa61507c55e57a5860998b38ac
Size

488KB
MD5

6ccfbdae9e07d299357967b21b62019e
SHA1

910148e3f0e4aefce696dffac78047569dfb7734
SHA256

38665bc2148b799ce6674662eefff77b5003e0fa61507c55e57a5860998b38ac
SHA512

d780c888fc62383108b67c55afa459610f2a1a81d3c75ce8f574b478ea42d7f9f2487e36e0a01860c1fd8f26be9b88b288c7dcf2f72977be4efbbc7ec09949df
SSDEEP

6144:0KYd2cIBioTmi98K9hCqqwXCcLmygTJXqRKL6ENTsj67mvzlCx4yb2dr9BAo1yr8:+dBNKTCqqwXCcdgT+KLlNy67m7xAS5j

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38665bc2148b799ce6674662eefff77b5003e0fa61507c55e57a5860998b38ac

Files

38665bc2148b799ce6674662eefff77b5003e0fa61507c55e57a5860998b38ac
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 159KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 245KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ESER
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ