Static task
static1
General
-
Target
NEAS.f41b44083f25100cef965a5324935490.exe
-
Size
3KB
-
MD5
f41b44083f25100cef965a5324935490
-
SHA1
1fbfe02c0f6331b668c84f9a01a131f767972817
-
SHA256
5fee009bb282d821dff70e64e04c09d37cd68cbdcfd8774a73a6886835567800
-
SHA512
4fdfeaf0eb720887dbd2d91f3d64096b966348c5a831d7664c8b4be6764176dd5dcde2021a1bc9ff6ab6e270f61cf84227211bdbca5011223c81b2c4a949ba55
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource NEAS.f41b44083f25100cef965a5324935490.exe
Files
-
NEAS.f41b44083f25100cef965a5324935490.exe.sys windows:6 windows x86
c0e1e2021843e3aaf1df7c87f8f57adc
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
IoGetCurrentProcess
RtlCompareMemory
memmove
memset
KeServiceDescriptorTable
MmGetSystemRoutineAddress
RtlInitUnicodeString
DbgPrint
KeTickCount
KeBugCheckEx
Sections
.text Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 256B - Virtual size: 192B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 128B - Virtual size: 40B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 384B - Virtual size: 362B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 256B - Virtual size: 150B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ