urelas | e9f8ff497701a85312356d71b164d4ece5476ef7afdf974a4466f623940e4102 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e9f8ff497701a85312356d71b164d4ece5476ef7afdf974a4466f623940e4102
Size

144KB
MD5

1e7164d137353b117469423543b51dfa
SHA1

7d965f1a201c24a13985e664fa6574d7d680d881
SHA256

e9f8ff497701a85312356d71b164d4ece5476ef7afdf974a4466f623940e4102
SHA512

62a8c26ec42098ab5693f29d8a13990aa536fff496c1b7b2f3ae5a4e487b754a633057b12c6b730764463a9e97785c29e555de4a26e2cbabad32b968e7be1682
SSDEEP

1536:1i+N6u0utYGsoK2mEGIBp+WWN7YfEj77iZ76vVGU2AjK15t5uPpdrcIPWAWvnTX3:wYYutRQSc/7c6tJK7t5uPpdrxOhvnTn

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e9f8ff497701a85312356d71b164d4ece5476ef7afdf974a4466f623940e4102

Files

e9f8ff497701a85312356d71b164d4ece5476ef7afdf974a4466f623940e4102
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ