urelas | NEAS[.]7e34ed2a1ed8669624c69262fe5764f0[.]exe | Triage

Sharing

General

Target

NEAS.7e34ed2a1ed8669624c69262fe5764f0.exe
Size

320KB
MD5

7e34ed2a1ed8669624c69262fe5764f0
SHA1

1f0ae045abcfafce1c8581c02dbf76f6e7a04f84
SHA256

af1ee1a0f7dc2fdbef0d89a0f4afdef57e5a180b55042c2dcd1e9220beab8658
SHA512

53b3c68f10f9085a8de7151be7a96a38760f09ad60cc33815bca271d7ce71a44d5893c8a207fae9c464201fcaee9dbe05ea4d6d80037656f8f6ae04f2cf79869
SSDEEP

6144:kcYiwk+BNDOGQZLpFN81KLMNftsZ8rp33iT:kFOGQZLpFN81KwfSP

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.7e34ed2a1ed8669624c69262fe5764f0.exe

Files

NEAS.7e34ed2a1ed8669624c69262fe5764f0.exe
.exe windows:5 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CHDODWOD
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ