urelas | c27c7bb0568b1005acb20f8e91ec480fac553bdbbe69c67d457b07f7c161a0e6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c27c7bb0568b1005acb20f8e91ec480fac553bdbbe69c67d457b07f7c161a0e6
Size

487KB
MD5

28f89239b9d5270d1ea33eba8eb19bf9
SHA1

564d1df07c4f12cfd834dfec65ae30b222cedbcd
SHA256

c27c7bb0568b1005acb20f8e91ec480fac553bdbbe69c67d457b07f7c161a0e6
SHA512

e8241c1cff2b61011eb13120a13e9553a1aac728869a79da30d7d285a1769b426a8872da8eec9fe3ba4b9d4b6fb7e062323533b5b737bc24a8899281a5df29ee
SSDEEP

12288:Vpbvglu0agWSFnxAEwKyLH8l+O9H6s2si2XfxKTbehT:VpbXi5xzFUBaazsiofx8CT

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c27c7bb0568b1005acb20f8e91ec480fac553bdbbe69c67d457b07f7c161a0e6

Files

c27c7bb0568b1005acb20f8e91ec480fac553bdbbe69c67d457b07f7c161a0e6
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 152KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 245KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ESER
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE