Behavioral task
behavioral1
Sample
NEAS.de343594170ff116cd9a8050dfd3a120_JC.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
NEAS.de343594170ff116cd9a8050dfd3a120_JC.exe
Resource
win10v2004-20231023-en
General
-
Target
NEAS.de343594170ff116cd9a8050dfd3a120_JC.exe
-
Size
246KB
-
MD5
de343594170ff116cd9a8050dfd3a120
-
SHA1
821b44259326705ad0206cbc423efa38ee410a7c
-
SHA256
b81fe9f1d05d6a563c03d4c5776413c7e1ac54b06e3654180799c808c8e4f397
-
SHA512
f1f444b8b96e81e862f33512a4df77e65df8d51b50495e23ad63829450a5fe2fb1bd8c2c7fe3aac6bb6abeb56f64044f80bbdeba852caa24c4c56f3ead8fc674
-
SSDEEP
6144:rMooVQnnOBccnskYPmTpUxrr1XRA7WHxWoN+J0EafCUSYibN6WGd:cQnO/s1mTpG5bUo4bafVibvQ
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource NEAS.de343594170ff116cd9a8050dfd3a120_JC.exe
Files
-
NEAS.de343594170ff116cd9a8050dfd3a120_JC.exe.exe windows:5 windows x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 24.1MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 242KB - Virtual size: 244KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE