urelas | NEAS[.]b90bcabc5f66d850444f80a71487ba30[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.b90bcabc5f66d850444f80a71487ba30.exe
Size

352KB
MD5

b90bcabc5f66d850444f80a71487ba30
SHA1

de57224efcf871adb30c65bd494807ac74a7f8f0
SHA256

63af08c2299b846d9d28d2552606eebb83440cc8987d335b6aff9e53490ca9df
SHA512

5d70fb41dffb3b85d68e43643ef1fb88bce927758f9121c1e26eec4a37fa719e2bb4c3ea7a06b49d3f5ad2947d670642f00b28293b903bc8b1a343106a07a322
SSDEEP

3072:+dXi+V5Kgxpdxj8gbib20xTynt542tD+HWBow8+zoB91wDQgJl0x2AEMenKbZish:+d7rpL43btmt5D+27zw39gY2FeZ

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.b90bcabc5f66d850444f80a71487ba30.exe

Files

NEAS.b90bcabc5f66d850444f80a71487ba30.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 105KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

JHDFRWG
Size: 50KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE