urelas | 3ed5f07310fd489745d3d8c292983bb722b940eef98e576b3c8d04f0fffec2f9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ed5f07310fd489745d3d8c292983bb722b940eef98e576b3c8d04f0fffec2f9
Size

514KB
MD5

d9bffe1a69b3c721a1ea1a324cdbd750
SHA1

b5ed425b60e78c549ae626bd9ac68c79e4f5fb41
SHA256

3ed5f07310fd489745d3d8c292983bb722b940eef98e576b3c8d04f0fffec2f9
SHA512

d6294fd014da2a51b50ef2a3d084b882c4d360ff7fb28337724c2428825cf523f934a886e63e86858318338b0cb731dbbf1c4cf3e48d188fd9dfd8d8d7ceaa3b
SSDEEP

12288:kdBNKTCqqwXCcdgTAH9+MvA+BisqYpxHtKwg:kLjQC+zHs0IR

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ed5f07310fd489745d3d8c292983bb722b940eef98e576b3c8d04f0fffec2f9

Files

3ed5f07310fd489745d3d8c292983bb722b940eef98e576b3c8d04f0fffec2f9
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 159KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 267KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ