General

  • Target

    NEAS.0ff4ee90b781b9f295724ef48a10de70_JC.exe

  • Size

    160KB

  • MD5

    0ff4ee90b781b9f295724ef48a10de70

  • SHA1

    77a57b29f1aab01ffe89d7ab9778035a393456e8

  • SHA256

    49281ec5f3bdbbe86268bddcdd59909573420a7d751639d9d10d66a48f3d5d4c

  • SHA512

    f29f8cd0ad8e27f579d0c787b84dfdcfab2e33601cb8f79469af1be3ec680e5c0a0e565dd47f3ce89b9b549885aebff3bd517155355bef2a731e5738e9e7ba78

  • SSDEEP

    3072:3rRIjYn+gbwtRJR6agMAZtxEYqGBoNcvyal5bx/jz1t5PWY:VdChB3AZtWOo5a3bNz1t4

Score
10/10

Malware Config

Signatures

  • Async RAT payload 1 IoCs
  • Asyncrat family
  • Obfuscated with Agile.Net obfuscator 1 IoCs

    Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • NEAS.0ff4ee90b781b9f295724ef48a10de70_JC.exe
    .exe windows:4 windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections