urelas | f2306a912b257fea8e57f0b539c231c1_JaffaCakes118 | Triage

Sharing

General

Target

f2306a912b257fea8e57f0b539c231c1_JaffaCakes118
Size

264KB
MD5

f2306a912b257fea8e57f0b539c231c1
SHA1

638ed5accc90b0a5b6897fefa6fd81220938ce68
SHA256

7bb4cd6c4d3069246daa48e8e1934a0880f1949e10289bc3401dd7efeb0b9b93
SHA512

bbd4f39205eb9d69cf13ab2f3ea6a8ec030fab9d5f30a27a104d98bcfdcebafd844fca89d32907b3d4fbb67720f16164d0ece471e3004f3684aee1e44ff4fcc8
SSDEEP

3072:AUApueDWSppTaeskDEjUrqfkZ557YzAL9gFoI3X3fZE5UANa3:ASeyGpTaesaQUufkL57YsL9NIx9ANa3

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f2306a912b257fea8e57f0b539c231c1_JaffaCakes118

Files

f2306a912b257fea8e57f0b539c231c1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 140KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

MOJSFDRR
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ