urelas | NEAS[.]2b4124ee21a3660f65a62e0b1357bda2[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.2b4124ee21a3660f65a62e0b1357bda2.exe
Size

155KB
MD5

2b4124ee21a3660f65a62e0b1357bda2
SHA1

14bed41086b4d9a00fb1a2a2fd3f347113238bce
SHA256

5432a24f683a087a3bb77e11c64f1f6586629f78ab1aa81aa9c2a9ee9cd22bec
SHA512

f4e9ad0d7228403e3431427605d6eeeb0fcc767c7f02a03be97815efd5a51552e7ad67fc1ae44d6499fdb58cfdb1fe77b122a8578998e6e2566eb8578436fcfa
SSDEEP

1536:8iVlUPlfHeARjOsOAe2zBN7lE4U1sgzAom8JsuPIclSXsWjcdd6YGJYwY/:nVlUPZRxfxE9Vs5cfdd6YGGT

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.2b4124ee21a3660f65a62e0b1357bda2.exe

Files

NEAS.2b4124ee21a3660f65a62e0b1357bda2.exe
.exe windows:5 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ