Behavioral task
behavioral1
Sample
4338d227b68d80fc282073c758d0bac1.exe
Resource
win7-20240319-en
General
Target
4338d227b68d80fc282073c758d0bac1
Size
366KB
MD5
4338d227b68d80fc282073c758d0bac1
SHA1
7fb57bdfcfd56035b34adf47bdd6e1cd205613ce
SHA256
41a06a41931fe281179944dbc9ec941d88eac9063d8877664c4e584569e4cb66
SHA512
0942b5dfe9f4b4e20607f772d885965590d76432a35343702418a3c91cc3f1abd76bfcdbcd09939f8ea43786464bf3453474cb97da0c342e5654d5c1c45e90ab
SSDEEP
6144:OuJkl8DV12C28tLN2/FkCO0aHftvCGCBhDOHjTPmXHk62pk:OzGL2C2aZ2/F1XaveOHjTo
Malware Config
Signatures
Urelas family
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4338d227b68d80fc282073c758d0bac1
Files
4338d227b68d80fc282073c758d0bac1.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
.text Size: 100KB - Virtual size: 100KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 21KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 6KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 226KB - Virtual size: 228KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
POKJGRDT Size: 3KB - Virtual size: 4KB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ