urelas | NEAS[.]347ea051602b9878f5d6d6daa6f36bba_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.347ea051602b9878f5d6d6daa6f36bba_JC.exe
Size

144KB
MD5

347ea051602b9878f5d6d6daa6f36bba
SHA1

3067c80aac505f849e1ddd82d2930a09d7a95834
SHA256

91ed570080841fe3c3118a10acd225a53d8e897c7ec4ee366cca8748e680a2ba
SHA512

54155f0eed13128e970e2b27041b25e2876c35700af960c83a74bb5d840aa4f1c7cc96d6f13cc38f83501d315d7d87c25c9dd143da5518e6709e74b53141c4ba
SSDEEP

1536:X0MXVO8LWbp4Zt/kvT2/AWbAoUETLKyUGDeF3eP8UVuJ65RG01spIvOv5fyI:X0M4Tp4biALbUGcJ65Q0qprT

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.347ea051602b9878f5d6d6daa6f36bba_JC.exe

Files

NEAS.347ea051602b9878f5d6d6daa6f36bba_JC.exe
.exe windows:5 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 69KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fsfdgdfg
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ