Static task
static1
Behavioral task
behavioral1
Sample
Fact_023_1201.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
Fact_023_1201.exe
Resource
win10v2004-20230915-en
General
-
Target
NEAS.1518712587d55b56e9d787bd88a439d7bin_JC.zip
-
Size
119KB
-
MD5
e96a03c2de6e5cbece6355c98a49a49a
-
SHA1
359a00e0c17f15c2e59d098fd6d504a944831261
-
SHA256
add013ab78b6e039c08385a36dbdcea2cd2e06d068ac6fd80dece0982ee7c8c3
-
SHA512
46694f06da3ba077b5d8d83a710a3a59894f9ac7ace4bd11640df6b429c042a4f1d8f0505e1fa41b167a41b26b93d868f25f148e2708b01161beec879098e932
-
SSDEEP
3072:luSgKuWiU/6GIQ10qA22r568IOvOP8LM6Tdm:luSPbi2IQ10SxEm
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack002/Fact_023_1201.exe
Files
-
NEAS.1518712587d55b56e9d787bd88a439d7bin_JC.zip.zip
Password: infected
-
0c49dcaba11bdcb8eb0ccf91e7c7e7ec748a49dfe1ee7c0b9f150a87626c46a7.iso.iso
-
Fact_023_1201.exe.exe windows:4 windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
mscoree
_CorExeMain
Sections
.text Size: 414KB - Virtual size: 414KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 35KB - Virtual size: 35KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ