urelas | df73881a3c44d9bb43723bc0e38525902d31258be2a7bb234d7eb69d23242270 | Triage

Sharing

General

Target

df73881a3c44d9bb43723bc0e38525902d31258be2a7bb234d7eb69d23242270
Size

115KB
MD5

690558cb914f44ae5127541183a9f640
SHA1

a89a3145410c8e862cca89ac106e69347655e59c
SHA256

df73881a3c44d9bb43723bc0e38525902d31258be2a7bb234d7eb69d23242270
SHA512

fd615e08ad89c3cfc2196b52150e494c5a232253f60248c51da66ebfcb3341b20e15c3ae0ca53a5c5b9a9071194c437367f228e1d75cd97ac53187c97c3f0c12
SSDEEP

1536:E/k0JjaN3J0zsD9Yh8nX4+C7NMycFvSXGIUc6tMrsWjcdD6SLVMR:E/lJjY1i04l2Fv2fwtMUD6SLVMR

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df73881a3c44d9bb43723bc0e38525902d31258be2a7bb234d7eb69d23242270

Files

df73881a3c44d9bb43723bc0e38525902d31258be2a7bb234d7eb69d23242270
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ