Static task
static1
Behavioral task
behavioral1
Sample
NEAS.e3c6114a95a6b27415489aca0419f1c0_JC.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
NEAS.e3c6114a95a6b27415489aca0419f1c0_JC.exe
Resource
win10v2004-20231020-en
General
-
Target
NEAS.e3c6114a95a6b27415489aca0419f1c0_JC.exe
-
Size
119KB
-
MD5
e3c6114a95a6b27415489aca0419f1c0
-
SHA1
5d85d4a1674c70feefdf6a40ffebbbb6b44acd95
-
SHA256
7ce39b504105b9c818dfc70a56cddcce35004aef0b033ab4ac1b6ce087540a84
-
SHA512
25d36f7343f02e011e8cf2132c1099a8a55eb88de7fdf73289d322ed727de9c307a4064be81c5fd65d6cf4695b4e8db7e402c54f4aa6088e8b7aa4e0da13c531
-
SSDEEP
3072:KMPkl/aqJmi6J5NU+B7U+V0ufe5cJNN6TQbLsi4OQdrd44FS:KMU//iJ5Nn7UZu04NNiQkxOQdrdDS
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource NEAS.e3c6114a95a6b27415489aca0419f1c0_JC.exe
Files
-
NEAS.e3c6114a95a6b27415489aca0419f1c0_JC.exe.exe windows:4 windows x86
49c693b0088e365c7354bf78dd98018f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
OpenThreadToken
NormalizeString
UnregisterApplicationRestart
CallNamedPipeW
SetSystemPowerState
GetFileAttributesExA
GetFinalPathNameByHandleA
GetProcessIoCounters
_hwrite
CloseConsoleHandle
Sections
.text Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
rdata Size: - Virtual size: 64KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 105KB - Virtual size: 126KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE