urelas | NEAS[.]eb426d1c0a4e023f7c6b133b73d17210[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.eb426d1c0a4e023f7c6b133b73d17210.exe
Size

152KB
MD5

eb426d1c0a4e023f7c6b133b73d17210
SHA1

02f87b75979b6862d1ac2657b7e9e4a64357d230
SHA256

256d89bb0970d6712e1ab5313c789abe5ecfa85e3e017d8de7130c2e4337ddea
SHA512

9459f1595dcabdc98baf8fa354b7c1025d9c4c9cfa60b106be4956c29b5bf532cad399fda04e459d65fbb38b49c8467e66137ed98d31fe6d9a04ad874cbe8dc5
SSDEEP

1536:MOfImdXbq01z7SOxTwiDRpPx4lksAqu/ElJnAO8lsuPvTschnKsWjcdQ6IZDQ45O:M6Im19H1SEfE55kvznVQ6IZM45O

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.eb426d1c0a4e023f7c6b133b73d17210.exe

Files

NEAS.eb426d1c0a4e023f7c6b133b73d17210.exe
.exe windows:5 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 74KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

IOSDWD
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE