urelas | db67c417fd7bc947044c0a29888c493d0ec4a4dd4dd4a7b64b29f587c3c95791 | Triage

Sharing

General

Target

db67c417fd7bc947044c0a29888c493d0ec4a4dd4dd4a7b64b29f587c3c95791
Size

186KB
MD5

4491cbe6f8811578ad2c6481785d8f25
SHA1

2486de2ec51e2f3d39eb656ecd7e2f989efb4998
SHA256

db67c417fd7bc947044c0a29888c493d0ec4a4dd4dd4a7b64b29f587c3c95791
SHA512

d27062f3bd3b344b405b28ba5e27eca37f6bf4f60a39b0671d75b0abe7823bd15b892e8301e7b7af89e20aa8fa97a21eecfd78b9d3d563c58a6a270a5c953c2f
SSDEEP

3072:CgFeKWwO8PWlafsuKLIor6G4hvomP65TPp00uhtTI:CkeKWCWlafsFLR8BPwPp05TI

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db67c417fd7bc947044c0a29888c493d0ec4a4dd4dd4a7b64b29f587c3c95791

Files

db67c417fd7bc947044c0a29888c493d0ec4a4dd4dd4a7b64b29f587c3c95791
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 73KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cbnjiffe
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE