Behavioral task
behavioral1
Sample
NEAS.a55e9f79fca4725043094dbbab847fb0.exe
Resource
win7-20231020-en
General
-
Target
NEAS.a55e9f79fca4725043094dbbab847fb0.exe
-
Size
142KB
-
MD5
a55e9f79fca4725043094dbbab847fb0
-
SHA1
3dee9888dfd5084828163d2eea1e3ff9c5b28a7c
-
SHA256
b4e01e2f1fbbad4a5de01208444a9d66f3872c08eb8dfcc40cf980e2486ee01d
-
SHA512
0e242789aacb677371bdf4423aecfbfb70d8ca8bd0f85d9711440fdaebb15003b9b565b3a008efdbb87d8e91e14dd3522776a9a8176a7602fd3073c462e95375
-
SSDEEP
3072:xhOmTsF93UYfwC6GIout03Fv9KdYGUgZ10qGBABb1H:xcm4FmowdHoS03F2Y9O19SMbh
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource NEAS.a55e9f79fca4725043094dbbab847fb0.exe
Files
-
NEAS.a55e9f79fca4725043094dbbab847fb0.exe.exe windows:4 windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 104KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 40KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data1 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE