urelas | dced712858e07b6e158f1e9ff160abca6f7f29b9652e08507873a1641b2887f9 | Triage

Sharing

General

Target

dced712858e07b6e158f1e9ff160abca6f7f29b9652e08507873a1641b2887f9
Size

488KB
MD5

0101fb57cb8b8a974652102cce2e9a3b
SHA1

630c6a035e7bd16e2c73d99ec788dfd5565e502b
SHA256

dced712858e07b6e158f1e9ff160abca6f7f29b9652e08507873a1641b2887f9
SHA512

25d33c56b34ef42ef966071527b9325f6afa506d3f8f330aea0f5ce9a7f56dbce1da331dc1c68f0c903bb7ae871fff3bda063841595e19df3b046a8e410d79c4
SSDEEP

12288:Vpbvglu0agWSFnxAEwKyLH8l+O9H6s2si2XfxKTbeh1:VpbXi5xzFUBaazsiofx8C1

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dced712858e07b6e158f1e9ff160abca6f7f29b9652e08507873a1641b2887f9

Files

dced712858e07b6e158f1e9ff160abca6f7f29b9652e08507873a1641b2887f9
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 152KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 245KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ESER
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE