urelas | f3499f2c873db8d6da4fd7f49a842c05195a2f87060a3aaba1104d41123a0b5b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f3499f2c873db8d6da4fd7f49a842c05195a2f87060a3aaba1104d41123a0b5b
Size

126KB
MD5

69e0b65c276899ef49660357832c0090
SHA1

57fb09874f4e53969d9c6a29c6286f38bea42638
SHA256

f3499f2c873db8d6da4fd7f49a842c05195a2f87060a3aaba1104d41123a0b5b
SHA512

b2730555e7472b951d6c44d11f6232bace122b5bc557ea3debf3b2136bf6b7336c6cffa8685dff2e3988ba6c9aa42326999019d05b10605621b3fa73657d9a62
SSDEEP

1536:mgpAwb2hUzk+U/cUz9NoBcW1AHyW+77OU0DsuPGccjjWQ1sWjcd06U83NHMe7Ahi:ZAwixCZ6Sh77R2Gpf606U8dse7AhCay

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f3499f2c873db8d6da4fd7f49a842c05195a2f87060a3aaba1104d41123a0b5b

Files

f3499f2c873db8d6da4fd7f49a842c05195a2f87060a3aaba1104d41123a0b5b
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 74KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

OPSJDHGW
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ