Static task
static1
Behavioral task
behavioral1
Sample
NEAS.3da6854b3feb71c69d667b654622b1760fcb7fef519fdb78fbcbeb4b1c094e76.exe
Resource
win7-20231020-en
General
Target
NEAS.3da6854b3feb71c69d667b654622b1760fcb7fef519fdb78fbcbeb4b1c094e76.exe
Size
795KB
MD5
5ed850cfe3074a397566cf6d2191f5b1
SHA1
30f902bcc7f367da34cc976d92ebc942532f0686
SHA256
3da6854b3feb71c69d667b654622b1760fcb7fef519fdb78fbcbeb4b1c094e76
SHA512
58c7a3073b808587e3e0664ac8075535642f5bae726f96406f8b3ed053b928c018dd96dffc4e385088ba90a22923a37bbda3955f1f8f14ac4e0017158d77546e
SSDEEP
24576:KRYVIX91rfc2BGkuDIJlg4SQABWPeEzTX:+Skng4S05H
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource NEAS.3da6854b3feb71c69d667b654622b1760fcb7fef519fdb78fbcbeb4b1c094e76.exe
Files
NEAS.3da6854b3feb71c69d667b654622b1760fcb7fef519fdb78fbcbeb4b1c094e76.exe.exe windows:6 windows x64
5a0802c1e760556b760175c08cbf2669
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
CreateFileA
CloseHandle
GetComputerNameA
TryEnterCriticalSection
ConvertThreadToFiber
CreateFiber
DeleteFiber
SwitchToFiber
CreateThread
ResumeThread
OpenThread
SetFilePointer
ExitProcess
VirtualAlloc
WideCharToMultiByte
Sections
.text Size: 68KB - Virtual size: 68KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 364KB - Virtual size: 363KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 357KB - Virtual size: 357KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ