Behavioral task
behavioral1
Sample
NEAS.ed85ab548a921d9b64bc1517032a7f20.exe
Resource
win7-20231020-en
Behavioral task
behavioral2
Sample
NEAS.ed85ab548a921d9b64bc1517032a7f20.exe
Resource
win10v2004-20231025-en
General
-
Target
NEAS.ed85ab548a921d9b64bc1517032a7f20.exe
-
Size
13KB
-
MD5
ed85ab548a921d9b64bc1517032a7f20
-
SHA1
63f372b61e2ed28eab4c7af6ef8872a2f0e61d15
-
SHA256
0da76ea432b8c7384d876b4d6c83cf75a170b4f9e991af9425bc5275c3818aad
-
SHA512
5c58e6deaf1e0ffda9417e967b2ff3e0cd4fbe5b84d50b584c2103a797a88309dbeeb6ce6c0b35fd90a8d9e7e5e451a8f44b1d293aef8e0333158538799300bd
-
SSDEEP
192:4c2VdV1en8mkEjK5FWIBca3eOG3j14yaM4f8UtgLCVNh:4c2V7wkE5ISykX/XUS6h
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource NEAS.ed85ab548a921d9b64bc1517032a7f20.exe
Files
-
NEAS.ed85ab548a921d9b64bc1517032a7f20.exe.exe windows:5 windows x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 24KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
UPX1 Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE