urelas | 36fd7d061598bee1c95fa3c157b817ae21f1bfe4d608dcdd6404fc7af0688724 | Triage

Sharing

General

Target

36fd7d061598bee1c95fa3c157b817ae21f1bfe4d608dcdd6404fc7af0688724
Size

382KB
MD5

db0996f32b46445f7db4fc868c4f5f8b
SHA1

58d740d6f70363e02e46351338af5944c900b953
SHA256

36fd7d061598bee1c95fa3c157b817ae21f1bfe4d608dcdd6404fc7af0688724
SHA512

bcacd8a415661c6c0e64bbcc598923764eb554a756588bcf629a49006c9f88168de1614634c797640d052e59fe165b982ebe0eef0f40280e3cbb1c96dc3a608b
SSDEEP

6144:GKMvNQn2DlydH3L9KyGdZIoH5j9u7Q2N0Idgm3wIypgIkz:MV22DlydH3hydZI45P2WUgm37th

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36fd7d061598bee1c95fa3c157b817ae21f1bfe4d608dcdd6404fc7af0688724

Files

36fd7d061598bee1c95fa3c157b817ae21f1bfe4d608dcdd6404fc7af0688724
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 101KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 213KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

IKJISJKJ
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE