urelas | d5c79880d6c7618cbc1ea237cd79d7871fd1f4a5730a56ba98415fe6c7e2eb16 | Triage

Sharing

General

Target

d5c79880d6c7618cbc1ea237cd79d7871fd1f4a5730a56ba98415fe6c7e2eb16
Size

113KB
MD5

ff10385250e75dd03e1d52b24afe366f
SHA1

117feb2ae62db3e9bb9d9a21d2e8cf54df9d832c
SHA256

d5c79880d6c7618cbc1ea237cd79d7871fd1f4a5730a56ba98415fe6c7e2eb16
SHA512

dfbddb01628eabd718795cbc4709e7d894021490def8f90e0cfa52594c371714fa451ee40dad87f2cb5d63b526402a9b04342882d2dd81f780221806da4ab433
SSDEEP

1536:mCnrJLwAXDtIBcUyk+8CooNvy3GNbcq7+sWjcdgy64TNSeb:htpCP+/oGvWSldgy64TNSeb

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
d5c79880d6c7618cbc1ea237cd79d7871fd1f4a5730a56ba98415fe6c7e2eb16

Files

d5c79880d6c7618cbc1ea237cd79d7871fd1f4a5730a56ba98415fe6c7e2eb16
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 65KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

TYSGDGYS
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ