NEAS[.]e98490f043d34473e5c2d806e3062410[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.e98490f043d34473e5c2d806e3062410.exe
Size

34KB
MD5

e98490f043d34473e5c2d806e3062410
SHA1

8f5d6540382def2dee8f0a59b635027bddf7d520
SHA256

538db899124799f19ea87cdcbc27e7f8754d1fbd05312a88b2cd21510cdebb15
SHA512

18ae21c16872621ebca084a3e64700bed1aece23a19677298a2960dba426a43137626d90628130dc3df55ae9b40117eea5829520bead2bfe094567e10ea3bc4b
SSDEEP

768:pwy7luXqnKZ3URe/cqhVnjBsuC1bfeFb1RbfrFFU:aypnKZ3Ulchtsl1bfw/frFi

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.e98490f043d34473e5c2d806e3062410.exe

Files

NEAS.e98490f043d34473e5c2d806e3062410.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 511B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE