urelas | NEAS[.]4fa72c4ab85b7a684ff10a2dd3098c60[.]exe | Triage

Sharing

General

Target

NEAS.4fa72c4ab85b7a684ff10a2dd3098c60.exe
Size

460KB
MD5

4fa72c4ab85b7a684ff10a2dd3098c60
SHA1

88fdb5e7dd908bde3055b48c41c6f70d80c66a81
SHA256

9dfb92ddae3db42c2d858c295626dc4d338d97b00a67fdf3d170c21acd418d7e
SHA512

ef2eba7faf6f9dc2060e52e566975acf63eaba54d5b9bee9ab8a9a2981181851df212988b5b464f426dcbf16c41b71f10f181017322ddb0071f6a2bbab7d8c3a
SSDEEP

6144:18efQ6QPJGcLbjg0jzK4UnUHOkb8734A2P6gt99Wvtxrpp29xcE:46QPJGcE03KRg04zPZt9mtPO

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.4fa72c4ab85b7a684ff10a2dd3098c60.exe

Files

NEAS.4fa72c4ab85b7a684ff10a2dd3098c60.exe
.exe windows:5 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.MPRESS1
Size: 239KB - Virtual size: 404KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE