urelas | 81097e7c651bbabc64718ad5476313b0_NeikiAnalytics[.]exe | Triage

Sharing

General

Target

81097e7c651bbabc64718ad5476313b0_NeikiAnalytics.exe
Size

462KB
MD5

81097e7c651bbabc64718ad5476313b0
SHA1

318a124286b651c63b5bcc11da3b58b9623ac597
SHA256

887f5997a171db547b8eea391ec44de9cfc2d8fe8e6f8b951d3537b53a7ecaa9
SHA512

3656fa7f9b4208354e2a0648594d9594f2485a483b36128120e532ed34f82b2107b92c8e5ea12b2b15c7338b19cacafa3cf834dc063b7a38441f73a9b06a44e6
SSDEEP

12288:Ue5rdGu2LiGZNO84nGuYX25DRmqirriC:UexuLNF4r/5tmqirriC

Score

10^/10

urelas

Malware Config

Signatures

Urelas family
urelas

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
81097e7c651bbabc64718ad5476313b0_NeikiAnalytics.exe

Files

81097e7c651bbabc64718ad5476313b0_NeikiAnalytics.exe
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\PMS\pms4\Project(20131004)\GolfProject\bin\GolfProject.pdb

Sections

.text
Size: 456KB - Virtual size: 504KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE