urelas | NEAS[.]edbd5bcb8739ce66b82cc0ecd6c4a7ae_JC[.]exe | Triage

Sharing

General

Target

NEAS.edbd5bcb8739ce66b82cc0ecd6c4a7ae_JC.exe
Size

380KB
MD5

edbd5bcb8739ce66b82cc0ecd6c4a7ae
SHA1

222f6220db0451029d6cb6a2976abf84c21669a8
SHA256

d59b3fc9f3902646c6377e7ab4d92e69cf8b5ae7c5639d84784e03a41360545e
SHA512

c55281b5aae072829fae5bb43a466a30c55619105a757e303587c332228116c10da7ffbc92359331706305a727e8294f0dac6d563d3e0a0a00fb3ae2fefb735e
SSDEEP

6144:GKMvNQn2DlydH3L9KyGdZIoH5j9u7Q2N0Idgm3wIypgDo:MV22DlydH3hydZI45P2WUgm37tU

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.edbd5bcb8739ce66b82cc0ecd6c4a7ae_JC.exe

Files

NEAS.edbd5bcb8739ce66b82cc0ecd6c4a7ae_JC.exe
.exe windows:5 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 101KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 213KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

IKJISJKJ
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE