urelas | 0317bda5dca72754c028085b1b66cdc0cbe00248a38502b5d6a22ae5e891e4e3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0317bda5dca72754c028085b1b66cdc0cbe00248a38502b5d6a22ae5e891e4e3
Size

487KB
MD5

591dc09278eec89d04e5f3ba19100bf8
SHA1

ef2bb025c41f54df02beac75df87c97f62a4b27f
SHA256

0317bda5dca72754c028085b1b66cdc0cbe00248a38502b5d6a22ae5e891e4e3
SHA512

6b835248b13215b199322056981660127eb9a871ee6cea5aaf64d28b9c61354c2614edf29bee36677eac3a9e70c53c2a199cf8468c157617ea52da7b8e009f32
SSDEEP

12288:Vpbvglu0agWSFnxAEwKyLH8l+O9H6s2si2XfxKTbe6:VpbXi5xzFUBaazsiofx8L

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0317bda5dca72754c028085b1b66cdc0cbe00248a38502b5d6a22ae5e891e4e3

Files

0317bda5dca72754c028085b1b66cdc0cbe00248a38502b5d6a22ae5e891e4e3
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 152KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 245KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ESER
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE