urelas | 973f49c2e66f93f230c8b91c8e85bfe4ff28618f6390e8655a19fcdf7288efa7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

973f49c2e66f93f230c8b91c8e85bfe4ff28618f6390e8655a19fcdf7288efa7
Size

174KB
MD5

bfb49de42c5c3fd8720841e4fa9c297b
SHA1

8a85730e69af730c8d366cadaef1bb7cb354d19d
SHA256

973f49c2e66f93f230c8b91c8e85bfe4ff28618f6390e8655a19fcdf7288efa7
SHA512

941679d21a3b247bbc1cb62e3886d5b8b298d1ab9b09a815304f57fbd45673f2a4eaae17783a827425a8385e941c63af119082b29bf704ae250b2e1f399d0932
SSDEEP

1536:eADA0Wbt1931D2P7BWLQ4zR4LUKMcPHFE3HP/GTW65CGEgvpxyTf5FQ:eADA0Wc7UJ6LZMaHLW65DE8pxWLQ

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
973f49c2e66f93f230c8b91c8e85bfe4ff28618f6390e8655a19fcdf7288efa7

Files

973f49c2e66f93f230c8b91c8e85bfe4ff28618f6390e8655a19fcdf7288efa7
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 69KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cxbvjsnd
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE