urelas | NEAS[.]b12d8f3bda7cbbdca223700d80cd8280_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.b12d8f3bda7cbbdca223700d80cd8280_JC.exe
Size

168KB
MD5

b12d8f3bda7cbbdca223700d80cd8280
SHA1

d8ddb438e32bc0ce667e054e9fb03c8a196f977b
SHA256

75f8a2876cc78e0f656f33229693b4f37b9b2452257d20921c955b24e2a00434
SHA512

b9c7c16be64e3e971bb39d68324f013f4ebd3ef68bdc7dad20ffa54f6e14e62e84b82b18c3875b04d612cd7c2af593507f0bd8eadc475a371f2ab3dc0df4c26d
SSDEEP

1536:NoUTaVA5ZuzOFEbjd6QEugyq5RGTYG+WZgjr3Hf7DJuwSHn8jq0vUQQActo/Zp0P:uiqAruz6QVgj7DDJgHMXVcto/Zpa

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.b12d8f3bda7cbbdca223700d80cd8280_JC.exe

Files

NEAS.b12d8f3bda7cbbdca223700d80cd8280_JC.exe
.exe windows:5 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 65KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

FFFF
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ