urelas | 1d0c40a5e8678ffe254a0449c989c7e0_NeikiAnalytics | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1d0c40a5e8678ffe254a0449c989c7e0_NeikiAnalytics
Size

267KB
MD5

1d0c40a5e8678ffe254a0449c989c7e0
SHA1

8303cf6c30923763f74a0310a580d1ac534cbd71
SHA256

da25e0db1d052c140d1ce560d2e30fb292fc92f35f9880ecaf746a81c7a41541
SHA512

5c7c1561c4031256ffe1ce6095e1c8c62a24d73a0ec0f3f6e4387db77725d31d10d794418a0bc506b3b4962a072e4eeaae4a156504a825189f75a74a4f1f28d9
SSDEEP

6144:w5ibQcmlVD+BgotLvTtehd1wLIE92FJ1wZyZTiTUUB:wUq+BgotLvTtehd1wd92FJ1aDB

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1d0c40a5e8678ffe254a0449c989c7e0_NeikiAnalytics

Files

1d0c40a5e8678ffe254a0449c989c7e0_NeikiAnalytics
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

VSDHGWHD
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE