Static task
static1
General
-
Target
NEREST PC.exe
-
Size
4.4MB
-
MD5
56e1263d9e2f7d57565617f9a605a9be
-
SHA1
79d7ae5f3d2aac4cf9232a54996f6226bf293623
-
SHA256
deac1a1624f5160850e32e1bf8007e71a8c1510f11cddafd702677dc2e4d5378
-
SHA512
b62e85718b2a305ee880e552599ffc5674600ab1ec482e8cbe278b8ee8fd7458f42801957a8ede2ce057ab54396888a7e7875131a28ffcff3d5be533148ec86d
-
SSDEEP
98304:h0fati5bX40EnMFaEUfVkGesvXSx2HeVSQLhWKHEDmCPmjv:RE5bbU2odHe3hWbDmC+j
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource NEREST PC.exe
Files
-
NEREST PC.exe.exe windows:4 windows x64
Password: infected
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 4.4MB - Virtual size: 4.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ