urelas | b785482b6a4908774fee92ddba64828e2082cc0736b5a4e0b2adaaad6511232c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b785482b6a4908774fee92ddba64828e2082cc0736b5a4e0b2adaaad6511232c
Size

144KB
MD5

782021102cea2fed4e29b2dbb3320be4
SHA1

c44cda2ce82128e77d98e1748395d46626ed13c5
SHA256

b785482b6a4908774fee92ddba64828e2082cc0736b5a4e0b2adaaad6511232c
SHA512

5bac620903c54e34c2ae56a1e788e54fbc923370371ab6fdd164e0668e08d7a1f7663247d4de7ba2280b223b82cfbde402808a16102b17572c08640db812602b
SSDEEP

1536:1i+N6u0utYGsoK2mEGIBp+WWN7YfEj77iZ76vVGU2AjK15t5uPpdrcIPWAWvnTXc:wYYutRQSc/7c6tJK7t5uPpdrxOhvnTs

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b785482b6a4908774fee92ddba64828e2082cc0736b5a4e0b2adaaad6511232c

Files

b785482b6a4908774fee92ddba64828e2082cc0736b5a4e0b2adaaad6511232c
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ