NEAS[.]48b0586048335dc1ba2a161899a33e10[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.48b0586048335dc1ba2a161899a33e10.exe
Size

375KB
MD5

48b0586048335dc1ba2a161899a33e10
SHA1

74042c2ad5a60c7cd1ffbd2d523b99e890550607
SHA256

6df0d98e716f43c80a9f6c26cea40df95b65ee8720690eae432d770ff5ba68c3
SHA512

08e0acc45865efedaf52af29a635d50211f85cd939b0f081111dad256c070720e55ab4a29596b42c2fc996d49ac20c84fc6284b89c649146d887722fbd7162af
SSDEEP

6144:Wcm4FmowdHoS0hraHcpOFltH4teP0sAWH6Y6YABVAXG/0ROGk7MD77EwiAQj3Nyh:44wFHoSMeFph0TKQbVeG8RO7747pQjkh

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.48b0586048335dc1ba2a161899a33e10.exe

Files

NEAS.48b0586048335dc1ba2a161899a33e10.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 104KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tkjdelw
Size: 40KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ