Behavioral task
behavioral1
Sample
NEAS.cad59573f5f98253991a19bff2961140.exe
Resource
win7-20231020-en
General
-
Target
NEAS.cad59573f5f98253991a19bff2961140.exe
-
Size
40KB
-
MD5
cad59573f5f98253991a19bff2961140
-
SHA1
c5064546978b97d8f00b148e3672ab2ea8d4ed41
-
SHA256
13bc232331a334a3b20783148d3026ffcd76049a6a2a7f05a16db41b71549d9d
-
SHA512
1ea0324a8bbb132aa0838419acc38efa40a6e3444f6fc5d74fece35e5ee37f9d5e5f528e6c5013f505bc5490a0115c28f9872261cea5330c2784d002c06fded2
-
SSDEEP
768:q29Pf5IH4hyYtoVxYG9mHfCBJTAIO3Ot:F7XhyYtkYX/CPnO3
Malware Config
Signatures
-
Sakula family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource NEAS.cad59573f5f98253991a19bff2961140.exe
Files
-
NEAS.cad59573f5f98253991a19bff2961140.exe.exe windows:4 windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
code Size: 27KB - Virtual size: 28KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 7KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE