Static task
static1
Behavioral task
behavioral1
Sample
NEAS.d4a3a1691c3ac12d754c29eba6e62ac0.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
NEAS.d4a3a1691c3ac12d754c29eba6e62ac0.exe
Resource
win10v2004-20230915-en
General
-
Target
NEAS.d4a3a1691c3ac12d754c29eba6e62ac0.exe
-
Size
201KB
-
MD5
d4a3a1691c3ac12d754c29eba6e62ac0
-
SHA1
184451ef244d1c72cc65815fa71a01ce19b7f2ce
-
SHA256
664e7d87078a265b939093faae14ae93931423b423bc4c13572bec61e9922d39
-
SHA512
7b5209a0db1eb14e64448c58dca8b024158bee362a3849fb34992d95241548b5ae88e39503ef13e907c8ba3ce386709a92ff1bf09b93ce88ccd408eb780006db
-
SSDEEP
1536:J7TJopblB4dqyyUiZ06pX3I6/qxiSEGNJFVL7TJopblB4dqybx4I2jf5ZK:J7TQlatyYePxiFVL7TQlatbcLK
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource NEAS.d4a3a1691c3ac12d754c29eba6e62ac0.exe
Files
-
NEAS.d4a3a1691c3ac12d754c29eba6e62ac0.exe.exe windows:4 windows x86
09d0478591d4f788cb3e5ea416c25237
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
Sections
.text Size: 39KB - Virtual size: 124KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 14KB - Virtual size: 16KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE