urelas | 606a70aba01fed4c70d53fd642dd84fd591cc9a3876c53b5b701db43d69ee8bd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

606a70aba01fed4c70d53fd642dd84fd591cc9a3876c53b5b701db43d69ee8bd
Size

126KB
MD5

2153f974210700b737ccf150caef8eca
SHA1

fca441508dcf01dc32afcac02445ad2f62a2a652
SHA256

606a70aba01fed4c70d53fd642dd84fd591cc9a3876c53b5b701db43d69ee8bd
SHA512

94c38f7bbeaaac0c0577b00336eab700b63265610ba4c9d0afa5476ab5e587c12db0bbe346b1ebbac3e0c35ea21f2f7953f2bde2a2c33d17af322ffc3b021211
SSDEEP

1536:4Vih9jjOABjWAqUffzNoBcTwE/sNW4Am8NsuPz4cnSXsWjcdy6YhQ45u7p1Ts:4VSRBPCoLY5RIzNdy6Y245Gp1w

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
606a70aba01fed4c70d53fd642dd84fd591cc9a3876c53b5b701db43d69ee8bd

Files

606a70aba01fed4c70d53fd642dd84fd591cc9a3876c53b5b701db43d69ee8bd
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 74KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

IOSDWD
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE