urelas | NEAS[.]fd1437ce2effb67d300ef2d161e04f90[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.fd1437ce2effb67d300ef2d161e04f90.exe
Size

166KB
MD5

fd1437ce2effb67d300ef2d161e04f90
SHA1

85cef84fd166807f21b41762c97e76393dc941d6
SHA256

f5fc2c83d066d623173f42c3525dac64339f3b9a8ad019326d0695f98b4e9ff8
SHA512

5b6efe219739cff6aa39853d7c51d090bcf70960b4008221bc1e6d2a93a65bbfa72f5a857abf02d35e6874d09897388a82b2d3f19b012b64bf45f194d8ef44ac
SSDEEP

3072:t9AJRSvTvHN7xkKGsfPNGhoIPpPVUw2IIa:t9AvSLvHNdkKGbHPpP+w4a

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.fd1437ce2effb67d300ef2d161e04f90.exe

Files

NEAS.fd1437ce2effb67d300ef2d161e04f90.exe
.exe windows:5 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 60KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

GTDTSYDW
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ