NEAS[.]c30aa3923f6557474ad7f79bf7c390e0_JC[.]exe | Triage

Sharing

General

Target

NEAS.c30aa3923f6557474ad7f79bf7c390e0_JC.exe
Size

150KB
MD5

c30aa3923f6557474ad7f79bf7c390e0
SHA1

8f72ba7e1bf8826e88dc65bcb7a8d9c60e9c8079
SHA256

72064c2fbe0c814769275a6074e67550e4bbf6024b91918555e2acf707afd254
SHA512

fcfd2b9987f71af914c635cbba7eb575d1184d73cfd5b79f365a5ac86ad000fc6f74865b9e38c54ca369ac77accf409a43a2f7aa1a3952c3ef479eba01d526ec
SSDEEP

3072:O/gmHa8e9O823bpNNz1uc1WiF85o99TOQoOE2a:OIma8a6Lru/iYUo

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.c30aa3923f6557474ad7f79bf7c390e0_JC.exe

Files

NEAS.c30aa3923f6557474ad7f79bf7c390e0_JC.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 60KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 10KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 13KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE