NEAS[.]01583767dfda2e5340b0064f7141c250_JC[.]exe

General

Target

NEAS.01583767dfda2e5340b0064f7141c250_JC.exe
Size

691KB
MD5

01583767dfda2e5340b0064f7141c250
SHA1

8a7ee0acd4a16f751f198d15ddf85b73b6bcc5c5
SHA256

69cf3beecba44dffde25f4af0f2468c544222df09398866f9d464d4c44c7bf8f
SHA512

3fa4fc0d1bf845e6c9b3d29ae355d9995a31479ca5a41340fca593328a7f1699cb69b95f2013bdf18350df1f7d3547f8f70e8a35336aa82d7b159706d07806d7
SSDEEP

12288:vn2z1fdJPN/A7OC3ffPCLckVfjx87Kd/ILeWKRHJPoOyQ3I32vISVw4zXK7c7lbp:uz17WyCPacKfjxwKdwLINiVQ4mQSa4ay

Score

7^/10

vmprotect aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
sample	aspack_v212_v242

VMProtect packed file 1 IoCs

Detects executables packed with VMProtect commercial packer.

vmprotect

resource	yara_rule
sample	vmprotect

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.01583767dfda2e5340b0064f7141c250_JC.exe

Files

NEAS.01583767dfda2e5340b0064f7141c250_JC.exe
.dll windows:5 windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

StartHook
StopHook
send_en

Sections

.text
Size: 126KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 10KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SHARED
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 274KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 16KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 198KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 11KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 126KB - Virtual size: 272KB

.rdata Size: 47KB - Virtual size: 48KB

.data Size: 10KB - Virtual size: 64KB

.SHARED Size: 512B - Virtual size: 4KB

.rsrc Size: 274KB - Virtual size: 304KB

.vmp0 Size: 16KB - Virtual size: 40KB

.vmp1 Size: 198KB - Virtual size: 200KB

.reloc Size: 11KB - Virtual size: 16KB

.aspack Size: 5KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

.text
Size: 126KB - Virtual size: 272KB

.rdata
Size: 47KB - Virtual size: 48KB

.data
Size: 10KB - Virtual size: 64KB

.SHARED
Size: 512B - Virtual size: 4KB

.rsrc
Size: 274KB - Virtual size: 304KB

.vmp0
Size: 16KB - Virtual size: 40KB

.vmp1
Size: 198KB - Virtual size: 200KB

.reloc
Size: 11KB - Virtual size: 16KB

.aspack
Size: 5KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB