Static task
static1
Behavioral task
behavioral1
Sample
NEAS.83361bc9201291f06ec27e3f4893ecf0.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
NEAS.83361bc9201291f06ec27e3f4893ecf0.exe
Resource
win10v2004-20230915-en
General
-
Target
NEAS.83361bc9201291f06ec27e3f4893ecf0.exe
-
Size
48KB
-
MD5
83361bc9201291f06ec27e3f4893ecf0
-
SHA1
35c291b40a8a334b09215608747d00f7e1376e7f
-
SHA256
2626c3bc737f56218ff04a55950e37a546ff1741a58384e5f9dbf6f6fe5dc491
-
SHA512
aa19379ca9d9cd0f66a679c663c4cfadce21f2e1bc8d73f555664173513f5ca81062f23d39667ffbdb6136c88c6750d0cca7e3402218dff6ac68124433e53c23
-
SSDEEP
768:f+c1J3gQKV54zGL1lSCmLE4EchVBqp+bs+XbobZw46hyxC:fp1VgQKPdhwCmE6jqp+bs+XbobNA
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource NEAS.83361bc9201291f06ec27e3f4893ecf0.exe
Files
-
NEAS.83361bc9201291f06ec27e3f4893ecf0.exe.exe windows:4 windows x86
61b9725fd52b1f9b521d25768ba2546e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
winmm
mixerClose
lz32
LZCopy
gdi32
BitBlt
advapi32
CloseEventLog
msvbvm60
ord695
ord662
ord669
DllFunctionCall
__vbaExceptHandler
ord319
ProcCallEngine
ord644
ord100
ord547
Sections
.text Size: 40KB - Virtual size: 37KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 912B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ