Static task
static1
General
-
Target
NEAS.53938b36ef29c43277a440de70fca400.exe
-
Size
12KB
-
MD5
53938b36ef29c43277a440de70fca400
-
SHA1
54cfa2085376086d0d52423142630aa4839e65b7
-
SHA256
4a5f2cf813eb289bf81c078bc6a10e577c37e47926b58ce45fb53a4f6c1f20c7
-
SHA512
5bc24f26a5b3de6f9fb30244c05c88acdb403b72483df9d712c8ba952c2c242a0cca72b552edd2ca208651af775e1a55ce5d4ba13c3384ad84310841f49045ac
-
SSDEEP
192:fYfjdeK5RcvD8CDYsYYXoVevtrCCKaFrBMxRcke7QZawdpwcJdzkvhFBvfCyt5:Uf9NYXvHFrBAjvzkBDt
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource NEAS.53938b36ef29c43277a440de70fca400.exe
Files
-
NEAS.53938b36ef29c43277a440de70fca400.exe.sys windows:5 windows x86
ddbdc16a2b942f1d46d53177c7e3af81
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
ord42398
ord42414
ord42446
ord42478
ord42498
ord42522
ord42546
ord42578
ord42604
ord42630
ord42652
ord42668
ord42686
ord42374
ord42722
ord42740
ord42758
ord42782
ord42804
ord42824
ord42852
ord42884
ord42912
ord42930
ord42954
ord42978
ord43002
ord43032
ord43060
ord43088
ord43106
ord42350
ord42328
ord42304
ord42290
ord42268
ord42702
ord42248
hal
ord43164
ord43184
ord43144
wmilib.sys
ord43220
ord43240
Sections
.text Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 384B - Virtual size: 328B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 256B - Virtual size: 144B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 492B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ