urelas | 9f60ee964b7a638afed89cfdc830724df9bfaec37c20c14b4fbb537fa2e8439d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9f60ee964b7a638afed89cfdc830724df9bfaec37c20c14b4fbb537fa2e8439d
Size

120KB
MD5

b8857ee4efef3fcfd4b2a510779f78c6
SHA1

d316879df71a297952c0911050aecd1c62f7d05d
SHA256

9f60ee964b7a638afed89cfdc830724df9bfaec37c20c14b4fbb537fa2e8439d
SHA512

ca98bde82040c717ad7f048ec73d468fe126a4f1c836e7cfc5273de765e5cf390a7a6dc7922bda40f3099b77f5b56b62d055b0604140b3d26ff6dd4eaffb5291
SSDEEP

1536:Mt/oSlEjl40ed9Yh848kz/mLKxwrCoacC5usWjcdl6EWGRLCsxKpA5s:Mtgqvi9nMKxQbK5xl6EWGpCsxKeq

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9f60ee964b7a638afed89cfdc830724df9bfaec37c20c14b4fbb537fa2e8439d

Files

9f60ee964b7a638afed89cfdc830724df9bfaec37c20c14b4fbb537fa2e8439d
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

HUSDTWDW
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ