Behavioral task
behavioral1
Sample
NEAS.0d031fd4e17a7332dcbad95af4180270_JC.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
NEAS.0d031fd4e17a7332dcbad95af4180270_JC.exe
Resource
win10v2004-20230915-en
General
-
Target
NEAS.0d031fd4e17a7332dcbad95af4180270_JC.exe
-
Size
998KB
-
MD5
0d031fd4e17a7332dcbad95af4180270
-
SHA1
fd494209a606003c7634bc3d6f7db43ab7a9e22d
-
SHA256
5ce623369613ffa8f6ef28cbfc6b77f975b23657ecf1eee4431a1087f28a48b2
-
SHA512
5b060a4a2ce38e3e21a2d79bf54569d4126775c97731f55c295a6cf4e5a215dead5bb5e3fc2bc8b8d886a4dd313fddde5ca80b2d38e1a8c37a9d4f5f56f3210b
-
SSDEEP
24576:A8RlmpEf26unP1pb8ORi4tMV+k9Yjn5e/a1f5UdMVEFPCk:AUwplPr4OSV+ay5e/ap5BcKk
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource NEAS.0d031fd4e17a7332dcbad95af4180270_JC.exe
Files
-
NEAS.0d031fd4e17a7332dcbad95af4180270_JC.exe.exe windows:4 windows x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.edlwv Size: 68KB - Virtual size: 68KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 36KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.oh Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE