urelas | 113880d8d4aed9aeab881e1ee288953c76a0a62f464d2bbb8d754a2c2db8d835 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

113880d8d4aed9aeab881e1ee288953c76a0a62f464d2bbb8d754a2c2db8d835
Size

268KB
MD5

35a53e797e37532cd39cf653fb4595e8
SHA1

32b6164343a00420eba48268268bfff5277d6e9c
SHA256

113880d8d4aed9aeab881e1ee288953c76a0a62f464d2bbb8d754a2c2db8d835
SHA512

f06ff98f4aeceefebe7e60df3713f87d0d63c423f3969106c9754f662346121f372c06aa6e526dfe5ec2ba75f782771f661d06075e2b89eba7e0422ee1472151
SSDEEP

3072:AUApueDWSppTaeskDEjUrqfkZ557YzAL9gFoI3X3fZE5UANav:ASeyGpTaesaQUufkL57YsL9NIx9ANav

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
113880d8d4aed9aeab881e1ee288953c76a0a62f464d2bbb8d754a2c2db8d835

Files

113880d8d4aed9aeab881e1ee288953c76a0a62f464d2bbb8d754a2c2db8d835
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 140KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

MOJSFDRR
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ