urelas | 990f3d1b3125b8997980309c803bf99c09275a8ea2a0b0e23a912e91856a6134 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

990f3d1b3125b8997980309c803bf99c09275a8ea2a0b0e23a912e91856a6134
Size

416KB
MD5

0ae69a2bafe5928ed064150b9d18a10c
SHA1

6ebb6c19d5cee88c896cb936d1d8f5b74a996cfa
SHA256

990f3d1b3125b8997980309c803bf99c09275a8ea2a0b0e23a912e91856a6134
SHA512

e7a1cacb19089ab3c28a02e6119127281d717b3e1fc1ff08feb38956aa0d194b59a36911401d62c67d927044f1435bbfa39459ee3e26a4a31fe706c66beef34f
SSDEEP

6144:y5SXvBoDWoyLYyzbpPC4DYM6SB6v+qLnAzYmhwrxcvkzmSBrBw/iF:yIfBoDWoyFboU6hAJQnrM2

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
990f3d1b3125b8997980309c803bf99c09275a8ea2a0b0e23a912e91856a6134

Files

990f3d1b3125b8997980309c803bf99c09275a8ea2a0b0e23a912e91856a6134
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 106KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 225KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

HJSDRTRW
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE