urelas | 1e94e50379eb79df4ba74b986fb068212aa01b6690853bb4f81caff9b4481eb4N | Triage

Sharing

General

Target

1e94e50379eb79df4ba74b986fb068212aa01b6690853bb4f81caff9b4481eb4N
Size

264KB
MD5

fdd2e2e06e9fc96e91974ae2b6fe32b0
SHA1

c7fc4ebd41bdcc3e3aeb001275103e25a567ec4c
SHA256

1e94e50379eb79df4ba74b986fb068212aa01b6690853bb4f81caff9b4481eb4
SHA512

2598cd6437bc741a2947cc5318bab50b22606fa23bfc4cdf402539658c7d76d33184ac935ddd36f8221ad3e0107389394782e202d1b06fe49cb7074d827f5b21
SSDEEP

3072:AUApueDWSppTaeskDEjUrqfkZ557YzAL9gFoI3X3fZE5UANaH:ASeyGpTaesaQUufkL57YsL9NIx9ANaH

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1e94e50379eb79df4ba74b986fb068212aa01b6690853bb4f81caff9b4481eb4N

Files

1e94e50379eb79df4ba74b986fb068212aa01b6690853bb4f81caff9b4481eb4N
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 140KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

MOJSFDRR
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ