Static task
static1
Behavioral task
behavioral1
Sample
NEAS.603a8a461dd68c346642f8a4ba6db790.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
NEAS.603a8a461dd68c346642f8a4ba6db790.exe
Resource
win10v2004-20230915-en
General
-
Target
NEAS.603a8a461dd68c346642f8a4ba6db790.exe
-
Size
66KB
-
MD5
603a8a461dd68c346642f8a4ba6db790
-
SHA1
3c85359d3aa515017888055c2ff8ec5b62d1f941
-
SHA256
f56158d663ab63e814eb6033ac71811f2c6c450a1d42a0761b97cc793ee77e12
-
SHA512
daec6ae557dae4c2cb6a8f93525401ee1edbd900d0e69feedc8d49c91da353bb5b4a9cf7d515786dc97dfd59f52204115c5c129b3c5653c660bc5bfd2411512b
-
SSDEEP
1536:f+npD+3W5Gpd2d932NJfqajmsSddl07vV+qY4oEpNC1EYljMaOazSVXutubUj:mO2hsSd0vYQpNC1Ea7SEOUj
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource NEAS.603a8a461dd68c346642f8a4ba6db790.exe
Files
-
NEAS.603a8a461dd68c346642f8a4ba6db790.exe.exe windows:4 windows x86
54410133dd1d1c335028d901ab6b5a9e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
IsDBCSLeadByteEx
GetVolumeInformationW
CopyFileTransactedA
CreateMutexExW
GetDiskFreeSpaceW
CreateMailslotW
UnregisterConsoleIME
SetEndOfFile
PeekConsoleInputW
DeactivateActCtx
FreeMemoryJobObject
Sections
.text Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
rdata Size: - Virtual size: 64KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 51KB - Virtual size: 70KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE