urelas | cf5fcd1ce26d83b71539b0edc1208adec76cf97e232d8156c8adfddb9d65b437[.]exe | Triage

Sharing

General

Target

cf5fcd1ce26d83b71539b0edc1208adec76cf97e232d8156c8adfddb9d65b437.exe
Size

164KB
MD5

6dcfa266f1fa61e2c654eab023ee2333
SHA1

9e1f2e7c59a64168e9d12464d4839a6fc834645d
SHA256

cf5fcd1ce26d83b71539b0edc1208adec76cf97e232d8156c8adfddb9d65b437
SHA512

185c9e64f795d1518983a1662a656de7996064753ae4a8bf374de941d948d7a7600e99e495a5c2b8284f6b2978615a9fc979ba144d01cf3f07092f50cd9305f4
SSDEEP

1536:TBozpvLpc3lM8/KedqfTnB8Yux9W1jVTTZufp6kKZLVBzRIUggnZkHuoILpPhHqH:NUvLa3mfTpNuAkKZZBdBeHuoILpPKoxk

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
cf5fcd1ce26d83b71539b0edc1208adec76cf97e232d8156c8adfddb9d65b437.exe

Files

cf5fcd1ce26d83b71539b0edc1208adec76cf97e232d8156c8adfddb9d65b437.exe
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 60KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

GTDTSYDW
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ