Behavioral task
behavioral1
Sample
NEAS.28164d2d62ab84522fab95b2db3d42a2_JC.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
NEAS.28164d2d62ab84522fab95b2db3d42a2_JC.exe
Resource
win10v2004-20230915-en
General
-
Target
NEAS.28164d2d62ab84522fab95b2db3d42a2_JC.exe
-
Size
8.8MB
-
MD5
28164d2d62ab84522fab95b2db3d42a2
-
SHA1
bf73fb8fae669a80256f705a1ce81e65759f0baf
-
SHA256
6c2dfe29e6136da1b80bda5c05c584488e1224084e0ebe3e146da93e80abe9e7
-
SHA512
b9e1f2219d906c845e16315474a1ab48776c46d6172b7ff70ed143ad610639b1ecd0cd56b6875b3d206cd932ca847072bd8c51d0d210d5585d579c96b7dcc199
-
SSDEEP
98304:P9YMOR8vqNvjtdk7LqTsIaQudua3OFLOAkGkzdnEVomFHKnPsz:lOR8vqNP82TsqudAFLOyomFHKnPsz
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource NEAS.28164d2d62ab84522fab95b2db3d42a2_JC.exe
Files
-
NEAS.28164d2d62ab84522fab95b2db3d42a2_JC.exe.exe windows:4 windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: 25KB - Virtual size: 28KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.imports Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE