Behavioral task
behavioral1
Sample
NEAS.1f2171a3f420cfb7791c3851b6753710_JC.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
NEAS.1f2171a3f420cfb7791c3851b6753710_JC.exe
Resource
win10v2004-20230915-en
General
-
Target
NEAS.1f2171a3f420cfb7791c3851b6753710_JC.exe
-
Size
228KB
-
MD5
1f2171a3f420cfb7791c3851b6753710
-
SHA1
0b82a3f425e7588f8482d9178b4498f757253c52
-
SHA256
df7463e68e73580a97f963d09429a695c20dc4c855210c14be42d3828de02b8e
-
SHA512
af3384da1d800c47007854d2bb299c313a467e9b5edeed5aa051ecdc382cd0a622d94b2ba6bd7cb136f0fa91b66f2b6cb788bc330a643b951ab92c9b80dbe264
-
SSDEEP
3072:tIgcTTjAq4wbnBjvxc8287Gw8OUtyjMhTdglu4SUvmrX:teAq4wb97KyjsTGxvS
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource NEAS.1f2171a3f420cfb7791c3851b6753710_JC.exe
Files
-
NEAS.1f2171a3f420cfb7791c3851b6753710_JC.exe.exe windows:4 windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: 126KB - Virtual size: 128KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 82KB - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 11KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.imports Size: 5KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE