urelas | 579a63947d8ecee35667473825730c447b66b1eb80b9315d316ca15b717e17cc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

579a63947d8ecee35667473825730c447b66b1eb80b9315d316ca15b717e17cc
Size

158KB
MD5

a883c339c4636b588234db5ba5438ef4
SHA1

1ee207dec9d84f7d379f20e7398c1c77df64b689
SHA256

579a63947d8ecee35667473825730c447b66b1eb80b9315d316ca15b717e17cc
SHA512

22c4c192a5aa4bf23813fdecc75b3b3dfe499b0797160e9d66a3960f6d5e8f1a7bcbe729990f463fa1b4a383771f5dcd741ab520d1f3c6332604a1ee37e8a319
SSDEEP

1536:8iVlUPlfHeARjOsOAe2zBN7lE4U1sgzAom8JsuPIclSXsWjcdd6YGJYwYc3:nVlUPZRxfxE9Vs5cfdd6YGGI3

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
579a63947d8ecee35667473825730c447b66b1eb80b9315d316ca15b717e17cc

Files

579a63947d8ecee35667473825730c447b66b1eb80b9315d316ca15b717e17cc
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ