urelas | c0ea1f02d98705fa23f0f37da08b0b14 | Triage

Sharing

General

Target

c0ea1f02d98705fa23f0f37da08b0b14
Size

207KB
MD5

c0ea1f02d98705fa23f0f37da08b0b14
SHA1

5a688d0be7e642aa3d7541252b9b59cf0ba217f2
SHA256

69e8d0b8e0fc8511858eabb85e1d4b5d23eaa9b3dd8adbf96b681aa1476b9cec
SHA512

3d445a1a2234affe526ce3c6f119291fb731c846706e1b0c7d6608c9bc0ce8864f167e552761cba109015576c95b9cdf152d35a3d3734649cf3c785ce496ea3e
SSDEEP

1536:1BucKHs7K2HEG7BpoWiZBYHs977q+7INVdU2Aneb61TVcz+3MJb6rcR6:PuchogM57bIL+eb61TVa+3MJb61

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c0ea1f02d98705fa23f0f37da08b0b14

Files

c0ea1f02d98705fa23f0f37da08b0b14
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.MPRESS1
Size: 145KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE