Behavioral task
behavioral1
Sample
NEAS.498a4d3432de00af654a4474ae1a4ba5_JC.exe
Resource
win7-20231020-en
Behavioral task
behavioral2
Sample
NEAS.498a4d3432de00af654a4474ae1a4ba5_JC.exe
Resource
win10v2004-20231020-en
General
-
Target
NEAS.498a4d3432de00af654a4474ae1a4ba5_JC.exe
-
Size
1.5MB
-
MD5
498a4d3432de00af654a4474ae1a4ba5
-
SHA1
ab45bb18443e44363d938ddce7829cbbb3b47b09
-
SHA256
20f5e648f6e6ad38e2ad3f86efcbc4b2e7c3a27fd780f8bc77127864acd9e2e5
-
SHA512
4632a30e33d0ca39726371c83d4f05e7336c9a06bef7ec2a0fddaa14f97763fdc71e7bd91a847a1cc16ab2704bc1518a855fa866cebcdea6bec8e5e317f4d902
-
SSDEEP
24576:004T/BXKSQ4Siil1eY+s1+mRJzKneeOC1co8yanh0SaVvI+Yuhc8ofIJl61VJxkz:yT/o/1iilR+C+Kzi/1cUanhjaVvI+Bh/
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource NEAS.498a4d3432de00af654a4474ae1a4ba5_JC.exe
Files
-
NEAS.498a4d3432de00af654a4474ae1a4ba5_JC.exe.exe windows:4 windows x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.jxmnr Size: 68KB - Virtual size: 68KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 36KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.lpkez Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.g Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ