Behavioral task
behavioral1
Sample
NEAS.c9662b0185b5058754a620177b0c0c10.exe
Resource
win7-20231020-en
General
-
Target
NEAS.c9662b0185b5058754a620177b0c0c10.exe
-
Size
447KB
-
MD5
c9662b0185b5058754a620177b0c0c10
-
SHA1
cb2d3412391f06f5fbe02e15290780fb4efa57ac
-
SHA256
8ce848b289d4f2d5910e0bb3342cd34e77576de679151af3151e9e4428ac3e5a
-
SHA512
4f498334591ecb9042641e823bc23d8f221c752a547be557c76bd7b7c52f247bf594eaf35c5eb0d9c7c40617e5d2b24372b4c1702e091fe67b2be45aae0a564c
-
SSDEEP
768:CpQNwC3BESe4Vqth+0V5vKPyLylze70wi3BEm/:CeT7BVwxfvLFwjR/
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource NEAS.c9662b0185b5058754a620177b0c0c10.exe
Files
-
NEAS.c9662b0185b5058754a620177b0c0c10.exe.exe windows:4 windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: 64KB - Virtual size: 64KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 24KB - Virtual size: 24KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pb Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE