Behavioral task
behavioral1
Sample
NEAS.9ce7de8e8c5a144529e0802622a3b650.exe
Resource
win7-20231020-en
General
-
Target
NEAS.9ce7de8e8c5a144529e0802622a3b650.exe
-
Size
338KB
-
MD5
9ce7de8e8c5a144529e0802622a3b650
-
SHA1
66112b18c1b22629260087e858d6801d3eac5a27
-
SHA256
fa9ff452ab354d010f75253eb952603fa74a9552bbdab8586d3140d4ae5c6a8d
-
SHA512
4d35a32f931553f86f63aca762fbd900e5fd53328300b83db9a44372bb2a57a7912842a8b8db2d20380a980dfb256b43af1b006ba441c8202064c55cd8b1dde7
-
SSDEEP
3072:BmVwRKCrIYlW9dLKEl4MC0iFixWS1WC2P9/KvZ:BmVn6O4Ep3s7BZy
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource NEAS.9ce7de8e8c5a144529e0802622a3b650.exe
Files
-
NEAS.9ce7de8e8c5a144529e0802622a3b650.exe.exe windows:4 windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: 41KB - Virtual size: 64KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 15KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 23KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.imports Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE