urelas | 205de400ee2ee97cc8dc9ba375f91cdaa974441180455bac8cc731cc38ac41bc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

205de400ee2ee97cc8dc9ba375f91cdaa974441180455bac8cc731cc38ac41bc
Size

488KB
MD5

508babc4a0bee2b3f11183ad56bef2ff
SHA1

794d476269ae0fcf102ed8f8f51720351feea3d8
SHA256

205de400ee2ee97cc8dc9ba375f91cdaa974441180455bac8cc731cc38ac41bc
SHA512

56e44cbd73c1c1c5af6cdbe63afb92c9ca6bb19bb10da87933deb420cb58038858e782acdb662050610124fae1d21c03bb5cd68a6303f1508753d0a3a90d8678
SSDEEP

6144:0KYd2cIBioTmi98K9hCqqwXCcLmygTJXqRKL6ENTsj67mvzlCx4yb2dr9BAo1yrt:+dBNKTCqqwXCcdgT+KLlNy67m7xAS5C

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
205de400ee2ee97cc8dc9ba375f91cdaa974441180455bac8cc731cc38ac41bc

Files

205de400ee2ee97cc8dc9ba375f91cdaa974441180455bac8cc731cc38ac41bc
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 159KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 245KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ESER
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ