urelas | b9c66de119f83e863a49e8903969441a_JaffaCakes118 | Triage

Sharing

General

Target

b9c66de119f83e863a49e8903969441a_JaffaCakes118
Size

476KB
MD5

b9c66de119f83e863a49e8903969441a
SHA1

49773d5e60480274663094820e17e6057a47cea5
SHA256

78f740d60cc2b3b7200fc3fc7395e1a9c03cb373cea633ffa95d1591b94846c7
SHA512

18e89dcce4429b89613c34c090da7edb96c715874aca36b279a510ca236478760e034507d93f9212f49b1aaf7e7e5185c7175a9990d3260b69d55af84bbce3d2
SSDEEP

6144:LqXAoQT5Tr9R0HN/3w36EnCYLTcz6MY5NYnE/QhyjxJBErrZAWkPW5oeNtLjpK:mQRI/3w36EnCYcFE/iydJai/WZtU

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
b9c66de119f83e863a49e8903969441a_JaffaCakes118

Files

b9c66de119f83e863a49e8903969441a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 250KB - Virtual size: 250KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ