urelas | NEAS[.]717d0fa51e34be37be2b3e0c32e656b0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.717d0fa51e34be37be2b3e0c32e656b0.exe
Size

540KB
MD5

717d0fa51e34be37be2b3e0c32e656b0
SHA1

d0873c31b511dbb53f1ccc674abf7e0d02563c6a
SHA256

1b99503ae528343892f58a71010e98b98a9405ac28cb5da7c07b3012b9d50ceb
SHA512

755986a024f2a45cf6271b2fabe3e792075f5bdce3831656d02bff42a3642b16377bba38e943d11f698ca333be86f0811176c019bc497e4a5992675e1671c958
SSDEEP

12288:br2yIoUtq7QXF3Q6gVIXCCkMWguMcj0vbd5E0/Yw:bKypwFABVkF2jCBAw

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.717d0fa51e34be37be2b3e0c32e656b0.exe

Files

NEAS.717d0fa51e34be37be2b3e0c32e656b0.exe
.exe windows:5 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 74KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 11KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 210KB - Virtual size: 250KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RSCW
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE