urelas | NEAS[.]75f4ffa244aca369378613640c5ba0b0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.75f4ffa244aca369378613640c5ba0b0.exe
Size

154KB
MD5

75f4ffa244aca369378613640c5ba0b0
SHA1

628c14f2b22b1021ca6d244d237550d63c8717e2
SHA256

38e0b7b3a53e25640740ece4ca15ae60811e0d62c9a8a96101acc3a8999c0b6c
SHA512

913654aeb42d82785937719c18fca75aacf7b1144ad248df989bd903168a121ae1b42e88e60996893db0b861baf9a977886a85eae14eb371870ce4df394ddd56
SSDEEP

1536:JJ7RmwVTSktuc6K2JI8ubZBpWO/ljXGjHBX7oVlU2gumBMokip3boMqO5FDTc1:jRmw5SJJ0djXGjd7QzmMokip1qObq

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.75f4ffa244aca369378613640c5ba0b0.exe

Files

NEAS.75f4ffa244aca369378613640c5ba0b0.exe
.exe windows:5 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 65KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fdhjygdf
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE