Behavioral task
behavioral1
Sample
9263bb16f0353c48c034246bff61f900_NEAS.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
9263bb16f0353c48c034246bff61f900_NEAS.exe
Resource
win10v2004-20240419-en
General
-
Target
9263bb16f0353c48c034246bff61f900_NEAS
-
Size
270KB
-
MD5
9263bb16f0353c48c034246bff61f900
-
SHA1
f50821de449d472c2229aa236e4d27865d67d60b
-
SHA256
6e4de1b76659770f230c7e7b07fa40412391c0c306f8d2be69369ece28052b1a
-
SHA512
10c6473a56f10c8e466897e5ccfe2fef27e81d7fcb6ac2024271012381617b7c4f523fccf961f6223c0d5e7aadd41de9f0c0b650051a24ffdde96c22c248deef
-
SSDEEP
6144:JmCAIuZAIuDMVtM/UfAIuZAIuDMVtM/d9+g:7AIuZAIuObAIuZAIuOE9+g
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 9263bb16f0353c48c034246bff61f900_NEAS
Files
-
9263bb16f0353c48c034246bff61f900_NEAS.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: 21KB - Virtual size: 24KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 4KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.imports Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE