Static task
static1
Behavioral task
behavioral1
Sample
NEAS.c622762e97fd9b9696374b1c1124e2d0.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
NEAS.c622762e97fd9b9696374b1c1124e2d0.exe
Resource
win10v2004-20231023-en
General
-
Target
NEAS.c622762e97fd9b9696374b1c1124e2d0.exe
-
Size
173KB
-
MD5
c622762e97fd9b9696374b1c1124e2d0
-
SHA1
942852d69cac33e1a3bb530917296654ee1e66e8
-
SHA256
20cb4a736ffb301016d2d9aa88c53c4b277222cdbbeb91a35f271f32143d905d
-
SHA512
08a18699806a49e3a70709722ce69e3f3669af748457c2722286e51ab941be637328d01aa11e139ab15bb16d47b5ca3da6cc7169a2c622de97fbe8e220c85739
-
SSDEEP
3072:+aUuhHrjOT+vmqWjPs4Ekcw4e84S7dG0RyVMy6A9RFdl2roVNLjpgarXP8u:+aFr6YmqW7fIFdnRyVJlNRVX7
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource NEAS.c622762e97fd9b9696374b1c1124e2d0.exe
Files
-
NEAS.c622762e97fd9b9696374b1c1124e2d0.exe.exe windows:4 windows x86
70ac620c5c4e3a37c16add842c6c0582
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
user32
LoadAcceleratorsW
gdi32
DeleteObject
advapi32
AdjustTokenPrivileges
shell32
ShellExecuteW
ws2_32
WSAStartup
Sections
.text Size: 167KB - Virtual size: 600KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE