E:\2015\公安接口软件\skylyjk\obj\x86\Debug\service.pdb
Static task
static1
Behavioral task
behavioral1
Sample
0d6c3d145a3e95e9649cc8988701a0b0_NEAS.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
0d6c3d145a3e95e9649cc8988701a0b0_NEAS.exe
Resource
win10v2004-20240426-en
General
-
Target
0d6c3d145a3e95e9649cc8988701a0b0_NEAS
-
Size
1005KB
-
MD5
0d6c3d145a3e95e9649cc8988701a0b0
-
SHA1
72d3592d5626c2a9d2e1156b9a248d3e4c9e68a2
-
SHA256
a6585206dc78a09e182d037a60218ca717493777f5256bf77d529ec511ac7398
-
SHA512
fa33ff06561810a648ae727d688db78572db066c725dc1aae1fedf10078296fba2c918d8e13ee1715f06965badc8dd6c5814140ea9c73383ae93576b13f297ec
-
SSDEEP
24576:kiXrlBLJG6VAkN10NseVzXKT25b3D//ak4x:hrvd5VAkNaNscb370
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0d6c3d145a3e95e9649cc8988701a0b0_NEAS
Files
-
0d6c3d145a3e95e9649cc8988701a0b0_NEAS.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 1003KB - Virtual size: 1002KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ