urelas | 46c8d670a3fd21eddcf66e6dbb5e1cf9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

46c8d670a3fd21eddcf66e6dbb5e1cf9_JaffaCakes118
Size

476KB
MD5

46c8d670a3fd21eddcf66e6dbb5e1cf9
SHA1

51b66d6d867dc76e19de2235e300c1ab426cb9b4
SHA256

1d65e9914bcd795da76ccf3a0e8db31763a161c31a1c0ce1528be23720639dc7
SHA512

9c4d5f0b5f6afea518deda5928f1453de48c4cd1bf58cdaecaf2aa81808623db33a3e71f4effc60c147f8b7b99e2e01b851d5fafbf53ed280654c7a19d780504
SSDEEP

6144:LqXAoQT5Tr9R0HN/3w36EnCYLTcz6MY5NYnE/QhyjxJBErrZAWkPW5oeNtLjpZ:mQRI/3w36EnCYcFE/iydJai/WZt3

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46c8d670a3fd21eddcf66e6dbb5e1cf9_JaffaCakes118

Files

46c8d670a3fd21eddcf66e6dbb5e1cf9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 250KB - Virtual size: 250KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ