General
-
Target
NeoRAGEx_5.exe
-
Size
291KB
-
MD5
db91108932cf02af939866951153da36
-
SHA1
cba6f6e9aa1acd97e9a671eee278fb073340c085
-
SHA256
e208c427f32305a65ec744d711927f761efa49bf27a88574bdb960e913e595a2
-
SHA512
bad47eddd9b917444d1ff1f6505c1fc9a7fc044f05bbbff4f24dc44f4c0090df9ee25830fc09ea7cafe9e189ee4522ba863a7c80efe1a5bb4457bc199d728aa1
-
SSDEEP
6144:z/I7T2zNeJhpkGKLcJU4ghh2XzowN7Krz7AEK4ZuEkTKG:k7qzNehkGZgDwNGLd7kOG
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource NeoRAGEx_5.exe
Files
-
NeoRAGEx_5.exe.exe windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 2.1MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 277KB - Virtual size: 280KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE