urelas | e792a83528dedca5e79d5a1e4b7030ea7aaff7382c32ccab5b6ecf3caaa9c7fa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e792a83528dedca5e79d5a1e4b7030ea7aaff7382c32ccab5b6ecf3caaa9c7fa
Size

122KB
MD5

86e4690a97c3b362ed56da9750785268
SHA1

2ed6846c6466da967763a98af5acaa0c06becc53
SHA256

e792a83528dedca5e79d5a1e4b7030ea7aaff7382c32ccab5b6ecf3caaa9c7fa
SHA512

6a748d616fb948b7e7d5d74642c936ead8594ec75eaa48b672cd61c732e43a52887aaee4b80e82ef8bd9d8e9ebf7de40404a04a8ff9cb198b0fba78e7f3f6441
SSDEEP

1536:4Vih9jjOABjWAqUffzNoBcTwE/sNW4Am8NsuPz4cnSXsWjcdy6YhQ45uEY/:4VSRBPCoLY5RIzNdy6Y245TS

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e792a83528dedca5e79d5a1e4b7030ea7aaff7382c32ccab5b6ecf3caaa9c7fa

Files

e792a83528dedca5e79d5a1e4b7030ea7aaff7382c32ccab5b6ecf3caaa9c7fa
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 74KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

IOSDWD
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE