Static task
static1
Behavioral task
behavioral1
Sample
NEAS.31899311def16c86b9d15294fd9a2b765b4a574b79a28d70b0f3dd73b25d62f5exe_JC.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
NEAS.31899311def16c86b9d15294fd9a2b765b4a574b79a28d70b0f3dd73b25d62f5exe_JC.exe
Resource
win10v2004-20230915-en
General
-
Target
NEAS.31899311def16c86b9d15294fd9a2b765b4a574b79a28d70b0f3dd73b25d62f5exe_JC.exe
-
Size
902KB
-
MD5
69110e7c026f12d745c9eb14457cf51e
-
SHA1
7dd89471735d1bfa3dd903e7ad92c29106dc4cce
-
SHA256
31899311def16c86b9d15294fd9a2b765b4a574b79a28d70b0f3dd73b25d62f5
-
SHA512
2f029deece251f0c29b6145df2b53a642a0c17359a829aadee2365fdb7f6a51c1909b891c4026ea92b84d93ea8739f20fea2eea7f8a1c5965ae0e504c8bb9f79
-
SSDEEP
12288:+b2V7zXvhzk2tGXG3yFyHNhr8LZNeqaFr+sfCEpqQxGgqROd:v7zXBvQKu2ZeZNZ0r+agROd
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource NEAS.31899311def16c86b9d15294fd9a2b765b4a574b79a28d70b0f3dd73b25d62f5exe_JC.exe
Files
-
NEAS.31899311def16c86b9d15294fd9a2b765b4a574b79a28d70b0f3dd73b25d62f5exe_JC.exe.exe windows:4 windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 885KB - Virtual size: 884KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ