urelas | NEAS[.]a64792f36ead25e24cc05d6e870022c0[.]exe | Triage

Sharing

General

Target

NEAS.a64792f36ead25e24cc05d6e870022c0.exe
Size

406KB
MD5

a64792f36ead25e24cc05d6e870022c0
SHA1

7d57f2c8022fcb4245ef0d637a09f58c9111beaa
SHA256

846325c797f4b01ba0aac6ad1d3338bb32d4b36e719fe45093b0b6edc030cdc6
SHA512

ba922445268b123d8b4801819bee8003b6b2b61012b2ef04f77011143f2f4b6cced0b3e473e4e506367cc1d8d8a9ce03ad9dbfab20bd72997fa792051b89b93e
SSDEEP

6144:y5SXvBoDWoyLYyzbpPC4DYM6SB6v+qLnAzYmhwrxcvkzmSBrBwV:yIfBoDWoyFboU6hAJQnrc

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.a64792f36ead25e24cc05d6e870022c0.exe

Files

NEAS.a64792f36ead25e24cc05d6e870022c0.exe
.exe windows:5 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 106KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 225KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

HJSDRTRW
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE