Behavioral task
behavioral1
Sample
NEAS.67af125ba486ef39b3bfbab5c5542b48_JC.exe
Resource
win7-20231020-en
General
-
Target
NEAS.67af125ba486ef39b3bfbab5c5542b48_JC.exe
-
Size
341KB
-
MD5
67af125ba486ef39b3bfbab5c5542b48
-
SHA1
4510b9f4adc6c2525b696bfbc5acc3095e5291cc
-
SHA256
7e75fec7b7e45ecbdf050e3b30b169b58a2d309a62c7f2b6e1c71820b51f54e0
-
SHA512
111a1de76e31c2f3f4288d0e56abd206cfa763637d8715e22f97ee428b940148a8ccea72eee2f9767885800674f36d341c8824a0a53bfe04712bd0bd968f48f4
-
SSDEEP
6144:L5j2IK9SqJ2HoS7LZRlUFARtbAwmw2IP4RznwJd2h/obwyEnAv64ZfR:LscqQoS7l3UW8wmeaznwcob33vRn
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource NEAS.67af125ba486ef39b3bfbab5c5542b48_JC.exe
Files
-
NEAS.67af125ba486ef39b3bfbab5c5542b48_JC.exe.exe windows:5 windows x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 384KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 65KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 269KB - Virtual size: 272KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE