NA_04ea4c06a30765exe_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NA_04ea4c06a30765exe_JC.exe
Size

56KB
MD5

04ea4c06a307652b6e8f063de653afbb
SHA1

11a779844431e032779afe45d5940078ce6cf00a
SHA256

b81df89498164d2d37b21f9635adb95d21d45763fdd9bc4b898c2734b6272135
SHA512

846e7dd7f97dc6554c87df946a722fcfb0eea7289386318a9a0bc1246be83163211852f2b32ae5d7449d88c11a4464d6136a3084677ffcad84f340025b3c1e7d
SSDEEP

768:XS5nQJ24LR1bytOOtEvwDpjNb6kZq/gqASiLRNcK1JNKSFW:i5nkFGMOtEvwDpjNb6kZq8hLRlJNKSQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NA_04ea4c06a30765exe_JC.exe

Files

NA_04ea4c06a30765exe_JC.exe
.exe windows x86

e021c9fc2c12265365fad587d43783fe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

EndPaint

gdi32

CreateFontIndirectA

Sections

.MPRESS1
Size: 10KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1024B - Virtual size: 910B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE