urelas | 4caba179a7fc098dab96aa9e4440e977 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4caba179a7fc098dab96aa9e4440e977
Size

166KB
MD5

4caba179a7fc098dab96aa9e4440e977
SHA1

cc8390b73fb941d6b7528beb67f598a4b47f2aac
SHA256

cdc512d5b7196dd97cdbc04b181e05b325e8e7d65881e6ac1295082349c8048b
SHA512

e4f5194826aa3699c432544d3d631d26c294720c4bda4c5e3d1d7b1ad93f09775aa03dbbc19b2afeaf46e3f10c32740c27a0c02f92eb21cac2c93e2094247b14
SSDEEP

1536:frmUAJRSvweu6Id6vsqsYpRsW1D7kODiZUfZkKDzO/kC0VUQgMNGhoIPpcUqIHrO:z9AJRSvTvHN7xkKGsfPNGhoIPpcUqIK

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4caba179a7fc098dab96aa9e4440e977

Files

4caba179a7fc098dab96aa9e4440e977
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 60KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

GTDTSYDW
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE