Static task
static1
Behavioral task
behavioral1
Sample
NEAS.f1f752a738e3ca3c1a98dbe61efdf920.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
NEAS.f1f752a738e3ca3c1a98dbe61efdf920.exe
Resource
win10v2004-20231023-en
General
-
Target
NEAS.f1f752a738e3ca3c1a98dbe61efdf920.exe
-
Size
21KB
-
MD5
f1f752a738e3ca3c1a98dbe61efdf920
-
SHA1
306d9a8b0577001da2789010b255758d67f4dc3f
-
SHA256
12a0810b32a0363a5fdfc1ffc9eb0c00e414e3fec8dc8ba285e3cff0ad1758ea
-
SHA512
8aa5c1fc0b48b44ebbf2fc86692f114196b0f6189de73dfabc9c2418fe95d3e384e403fc6ff6b9d413facf9d36c291c53fb180491e4bd6ca78195a1bf41846d5
-
SSDEEP
384:jIz4Cmz8Wbo2XtgHTtYwFE59gH43gRmcW8ZaeNK0WJFD6YHCyD:jIUrnETtYkELgH95Zzk7
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource NEAS.f1f752a738e3ca3c1a98dbe61efdf920.exe
Files
-
NEAS.f1f752a738e3ca3c1a98dbe61efdf920.exe.exe windows:4 windows x86
0c144496adf6d6951a8195019d714846
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
CloseHandle
CreateFileA
CreateMutexA
CreateProcessA
DeleteFileA
ExitProcess
GetModuleFileNameA
GetProcessHeap
HeapAlloc
ReadFile
SetFileAttributesA
SetFilePointer
WriteFile
Sections
.text Size: 1024B - Virtual size: 768B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.idata Size: 512B - Virtual size: 452B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE