urelas | 10eb75ed6f0669230cadd78089dcba5cd4a849e512f71053e955f6ce0c812ca0 | Triage

Sharing

General

Target

10eb75ed6f0669230cadd78089dcba5cd4a849e512f71053e955f6ce0c812ca0
Size

399KB
MD5

dbdac103db46cfbe2b5762de21b6536e
SHA1

f5121d5fba25bc379fc50b82c19f08bccc849a9e
SHA256

10eb75ed6f0669230cadd78089dcba5cd4a849e512f71053e955f6ce0c812ca0
SHA512

b407fc4179999357cc1f328e57ef275ef883aeca11b8583491a6bfb64af6c48eabd0640b1bfb1b6e7f9671ac75c8c7ef40fe655993be8fc6785c1e68bbba175e
SSDEEP

6144:Osa1jZVgy03se7k5kBTTg7YMz6j8GuHEqqtKKUrBwj3bdRZ0UG:qtVgyuse2kBXg7Cj81cKK7jB4

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10eb75ed6f0669230cadd78089dcba5cd4a849e512f71053e955f6ce0c812ca0

Files

10eb75ed6f0669230cadd78089dcba5cd4a849e512f71053e955f6ce0c812ca0
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 232KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PLKJHHGF
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ