urelas | 4e255c44de5b6a8b0c9b33944d64d308 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4e255c44de5b6a8b0c9b33944d64d308
Size

122KB
MD5

4e255c44de5b6a8b0c9b33944d64d308
SHA1

c35b68c856b3fa83fa659b20282eb323046b931f
SHA256

ccf063bc8e90bb7ddb0bae2261deec722afd07bd8be280253be433e8396ef9fd
SHA512

b4d3b384c95f1b142dd7896249f1bcfc5b1bb87c365789cbe64ff035574f63c5600c257a4304f2ea2b6322b45dec22fc7f001c7a08f95208b321b1df18342465
SSDEEP

1536:DVih9jjOABjWAqUffzNoBcTwE/sNW4Am8NsuPz4cnSXsWjcdy6YAiQ45sIV:DVSRBPCoLY5RIzNdy6YO45/

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4e255c44de5b6a8b0c9b33944d64d308

Files

4e255c44de5b6a8b0c9b33944d64d308
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 74KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

IOSDWD
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ