urelas | 0dff57c3f520fa46bc984420cf0c34cdcf9e1f6d157e8977030fbd3a46a58462 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0dff57c3f520fa46bc984420cf0c34cdcf9e1f6d157e8977030fbd3a46a58462
Size

479KB
MD5

5de77eb7c4379bb0317e67ee1317f855
SHA1

e79a390bf65a3cbf27b4ff90cc071698327893aa
SHA256

0dff57c3f520fa46bc984420cf0c34cdcf9e1f6d157e8977030fbd3a46a58462
SHA512

36d2dbbf5f73126ba0c3c353987c876ea19054975d79b26317f71d24cc349b4469150eaac34fcfd338081541e54e099abf3956376abbb7257272d1691be51f9c
SSDEEP

6144:wqXAoQT5Tr9R0HN/3w36EnCYLTcz6MY5NYnE/QhyjxJBErrZAWkPW5oeNtLjpVOt:TQRI/3w36EnCYcFE/iydJai/WZt2

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0dff57c3f520fa46bc984420cf0c34cdcf9e1f6d157e8977030fbd3a46a58462

Files

0dff57c3f520fa46bc984420cf0c34cdcf9e1f6d157e8977030fbd3a46a58462
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 250KB - Virtual size: 250KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ