Behavioral task
behavioral1
Sample
NEAS.a767f18e1b2871f709310dc23afd5df0.exe
Resource
win7-20230831-en
General
-
Target
NEAS.a767f18e1b2871f709310dc23afd5df0.exe
-
Size
131KB
-
MD5
a767f18e1b2871f709310dc23afd5df0
-
SHA1
ff9d4a72faba30e1c7c728306a125157d654307b
-
SHA256
e64c590db24ed5c5876e36c55e37d410a17f3861389daab4e4b4bc18968ffba7
-
SHA512
94c71f576fb5e061b29ad4d326c1269d621211877c7035c075b8f10771db6382a2f50b47ab348ff4c2d4ed39a93db9d1588e85b7d4ad20c629f430da786165df
-
SSDEEP
3072:JhOmTsF93UYfwC6GIoutviJ8mqtbfUVei6Axq:Jcm4FmowdHoSEubDcU
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource NEAS.a767f18e1b2871f709310dc23afd5df0.exe
Files
-
NEAS.a767f18e1b2871f709310dc23afd5df0.exe.exe windows:4 windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 104KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 40KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.adata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ