urelas | 30f86a73b7adb128348ed255be6aead0_NeikiAnalytics[.]exe | Triage

Sharing

General

Target

30f86a73b7adb128348ed255be6aead0_NeikiAnalytics.exe
Size

139KB
MD5

30f86a73b7adb128348ed255be6aead0
SHA1

f12cb31f07ee64f289aed165f9b93ed3a92826d9
SHA256

2142094e6631942db0499d2949071bc0821632643e6a46d6460176f97c17b88f
SHA512

577f7fc2c5fb8aa1ed68946289264b0ebff922384646a2b554025e9f766e90685284143c89a2e9e7875ee8b503e33b5b3fa4072de0864baa74f172b6ff81623e
SSDEEP

1536:+bRaQSPc3vjvdRiHhhU1Kn1LtMQr54xzId4uP7dsaTdpU+gyamOoEfpD:ONN3vhRiDaEd4uPpsaBraRoEfpD

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30f86a73b7adb128348ed255be6aead0_NeikiAnalytics.exe

Files

30f86a73b7adb128348ed255be6aead0_NeikiAnalytics.exe
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ