urelas | NEAS[.]eec74961bb7f3631cc0e59b414f8f5c0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.eec74961bb7f3631cc0e59b414f8f5c0.exe
Size

154KB
MD5

eec74961bb7f3631cc0e59b414f8f5c0
SHA1

907b5192f1d210c0f696a96fe3a3b55d514000ef
SHA256

a1b8e79ad7a5718781d17afb106be198c79b8d2b7dcae9c9669e9a4540f32377
SHA512

c5350abfb61d188a32cabc62377cf93d488af280c3a195fbe4545e548d8f705c5d6498687f58ebad70babb15e260a8a0087369b06dc64f88641684e51a433345
SSDEEP

1536:JJ7RmwVTSktuc6K2JI8ubZBpWO/ljXGjHBX7oVlU2gumBMokip3boMqO5FDTc4:jRmw5SJJ0djXGjd7QzmMokip1qOb9

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.eec74961bb7f3631cc0e59b414f8f5c0.exe

Files

NEAS.eec74961bb7f3631cc0e59b414f8f5c0.exe
.exe windows:5 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 65KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fdhjygdf
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE