urelas | NEAS[.]cd852787b0ff70327a63931d261adeed[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.cd852787b0ff70327a63931d261adeed.exe
Size

110KB
MD5

cd852787b0ff70327a63931d261adeed
SHA1

9fd446b71960d5a1be06264c424e4e9e35a9579d
SHA256

66233588b3148cbc59fffa312aae6bbc9ee8026a39274ffb0600d5763af007ac
SHA512

70ea15e963c22d70b756f619c93f040afc2584fc99b5c8b781743fc1edfc065d6c7a2f9822345e0d6cec8e46f923995d853f11e741e8796ea74a576a9abe5048
SSDEEP

1536:mCnrJLwAXDtIBcUyk+8CooNvy3GNbcq7+sWjcdgy64TNSek:htpCP+/oGvWSldgy64TNSek

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.cd852787b0ff70327a63931d261adeed.exe

Files

NEAS.cd852787b0ff70327a63931d261adeed.exe
.exe windows:5 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 65KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

TYSGDGYS
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ