Behavioral task
behavioral1
Sample
NEAS.aa5ce6b608ff8bd7d2a5b99858c45020.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
NEAS.aa5ce6b608ff8bd7d2a5b99858c45020.exe
Resource
win10v2004-20230915-en
General
-
Target
NEAS.aa5ce6b608ff8bd7d2a5b99858c45020.exe
-
Size
112KB
-
MD5
aa5ce6b608ff8bd7d2a5b99858c45020
-
SHA1
0dee1eece1069a48a9be1ad3245109802a63e7ba
-
SHA256
1f4a340720ef494fb2ac9dd3b13d729c0ef90988a6373884528ee7f27b06ae75
-
SHA512
64becd60a20c9225a26a22c22bec31d5a6a51ed4fbd4c5bf6a0fe7d263fc846c96ac24b1bdd9aa618e37d39dedbec112719ed9356efa4351b6cd0ea01fa63e77
-
SSDEEP
1536:6S2vOUHVOKZWwrgdGPiiv9vgmh7vfaOe/pwFquLFZfYXDmqdYkTS:6jzhZWxivgmhbI/pqqsffYXjYkTS
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource NEAS.aa5ce6b608ff8bd7d2a5b99858c45020.exe
Files
-
NEAS.aa5ce6b608ff8bd7d2a5b99858c45020.exe.exe windows:4 windows x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 56KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.tn Size: 42KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.f Size: 512B - Virtual size: 4KB