NEAS[.]8123eeb92f2dc7cdd931fc72d85098fe[.]exe | Triage

Sharing

General

Target

NEAS.8123eeb92f2dc7cdd931fc72d85098fe.exe
Size

835KB
MD5

8123eeb92f2dc7cdd931fc72d85098fe
SHA1

3b6904fc14c5a8f7f087ca04f840a1a4e3a8e476
SHA256

76d844af41ad2b2c74b955356bca0d28ac794c8a8f62c44aebdbb5dac6a691a2
SHA512

17431798215467a7115fb256aa327411721ad8906a4d8752a46d2b19cac59bda04eafc3b554860a0e2e13a989c267df83059b68a3f38f97cc26b5c947b3a1b3b
SSDEEP

12288:VEQoSm9EfpKdUpXjhQw4cO1EB/U8ACjAtj7kIpbazj1NPy/t6g/uHCbYRRnUnp:V1BdrQgUrikkIpba/1HgGj4p

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.8123eeb92f2dc7cdd931fc72d85098fe.exe

Files

NEAS.8123eeb92f2dc7cdd931fc72d85098fe.exe
.exe windows:4 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_NO_BIND

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.g
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kxvu
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.psfx
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fpugn
Size: 512B - Virtual size: 4KB