urelas | f3b3cac35836b451d0d21caec72d14f4af09d570bbc40338a2f5f5c4e49f1af9 | Triage

Sharing

General

Target

f3b3cac35836b451d0d21caec72d14f4af09d570bbc40338a2f5f5c4e49f1af9
Size

163KB
MD5

2502c7aa51d92692b9449d0fa1edb0ae
SHA1

10b042db80182b8130968cf5d3936dfec7520c51
SHA256

f3b3cac35836b451d0d21caec72d14f4af09d570bbc40338a2f5f5c4e49f1af9
SHA512

5d419fdd7e553906466fb7a23aa2c838bff8990971dc929ec9bfe7fd210e99a1360b6d770adeb16fb88e817de2b70ff8d54e2e628f2c90c565f5f0fc3d3dcb32
SSDEEP

1536:GRwT8ukP5sZK20EGIBpwW6NeleEQ77nuUWXJmU2AjpZWoI23A4tHF:APuk8QsH47nW5ppsoI23A4f

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
f3b3cac35836b451d0d21caec72d14f4af09d570bbc40338a2f5f5c4e49f1af9

Files

f3b3cac35836b451d0d21caec72d14f4af09d570bbc40338a2f5f5c4e49f1af9
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 61KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 49KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.PACKMAN
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE