urelas | b448b4036e38ee15cc23bd293f44a1aedc4beae75206acaa9e1a3185450f15d0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b448b4036e38ee15cc23bd293f44a1aedc4beae75206acaa9e1a3185450f15d0
Size

388KB
MD5

3ef31308b80a0500834ba9107eeecf10
SHA1

0040de4d0745178f026f83489243d5d15b5d935e
SHA256

b448b4036e38ee15cc23bd293f44a1aedc4beae75206acaa9e1a3185450f15d0
SHA512

486b06d83d30a7e16b92cc4ac63726acf289a18eb4bbdbdf2c27890478c667cd8804d43101352e9b13c9c1abdb0752f37b0417ad5624d9649ca6417af1184395
SSDEEP

6144:e8efQ6QPJGcLbjg0H/0sGH+revgLIAP1fXo1Ebl:n6QPJGcE0VGereYdPc6

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b448b4036e38ee15cc23bd293f44a1aedc4beae75206acaa9e1a3185450f15d0

Files

b448b4036e38ee15cc23bd293f44a1aedc4beae75206acaa9e1a3185450f15d0
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 217KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ