Behavioral task
behavioral1
Sample
NEAS.2eb5279ec6988a0b9967069fddfceb80.exe
Resource
win7-20231020-en
Behavioral task
behavioral2
Sample
NEAS.2eb5279ec6988a0b9967069fddfceb80.exe
Resource
win10v2004-20231020-en
General
-
Target
NEAS.2eb5279ec6988a0b9967069fddfceb80.exe
-
Size
196KB
-
MD5
2eb5279ec6988a0b9967069fddfceb80
-
SHA1
b06659f450ddc7883aa2e968c460ce0a04cb8e37
-
SHA256
a8ed363aa93e42cc041fa08c16189117ca4f1ad5e15fd6823cb455230dba79d9
-
SHA512
e0a5f21005d1dc1b458d426826bb3789f62afa6468df06364b538897ada73788313b25dd5cc37518d92d6884c10c6cc0cd82824442e2ca6da00a3b77dea85ca6
-
SSDEEP
3072:ZOgUXoutNlxZVX4/awxfodLJUBv9Bsor1rHjhMU9npQQpmuG:ZFYoSfRARoYlld9n2Qpmx
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource NEAS.2eb5279ec6988a0b9967069fddfceb80.exe
Files
-
NEAS.2eb5279ec6988a0b9967069fddfceb80.exe.exe windows:4 windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 140KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 31KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE