urelas | 184b9df49ce837a56d6d893cc1714794_JaffaCakes118 | Triage

Sharing

General

Target

184b9df49ce837a56d6d893cc1714794_JaffaCakes118
Size

403KB
MD5

184b9df49ce837a56d6d893cc1714794
SHA1

bca34692e07e2bb2a701eb702775fff90a061dee
SHA256

f202f3af4ca77f6ec5e5290bc5f7fde6d405306d02d5da3c81fbb404a63fafa0
SHA512

9fc76367b92fc1b3e577b7669a22cc5dc153c7721bfefb93e9bf12408907375a158343091bf0d584231de44969fea3f0d1e609b040924e97b44e3b14c9cefdfe
SSDEEP

6144:85SXvBoDWoyLYyzbkPC4DYM6SB6v+qLnAzYmhwrxcvkzmSBroh3:8IfBoDWoyFblU6hAJQnO9

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
184b9df49ce837a56d6d893cc1714794_JaffaCakes118

Files

184b9df49ce837a56d6d893cc1714794_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 225KB - Virtual size: 225KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

HJSDRTRW
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ap0x
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE