NEAS[.]3e78cd4e2dcd7b08a7682e31edefad03a659a413ae23018204f9461a6b44c422exe_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.3e78cd4e2dcd7b08a7682e31edefad03a659a413ae23018204f9461a6b44c422exe_JC.exe
Size

138KB
MD5

82009f7a1f50a48de52453bb4e061959
SHA1

0b2c3f650a8cef7fa8f54c0a0d8df2fa42675a1e
SHA256

3e78cd4e2dcd7b08a7682e31edefad03a659a413ae23018204f9461a6b44c422
SHA512

8e1d78910c4c00b6236c9c5293a79a0dcd0c6dcbc8cb3cb22605fa45c3bf9d063af7def5291bb6c30d095f2a68088e0ffe8210393de375677d8fc823b33aa927
SSDEEP

3072:/taoHTRyhoAScL060gorCr04r1RHrvnTEMRPOyCHklx:0uTaGFgo+LzvYMB3CHklx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.3e78cd4e2dcd7b08a7682e31edefad03a659a413ae23018204f9461a6b44c422exe_JC.exe

Files

NEAS.3e78cd4e2dcd7b08a7682e31edefad03a659a413ae23018204f9461a6b44c422exe_JC.exe
.exe windows:1 windows x86

64369b902be8b667b461145ef39ae6b4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CryptBinaryToStringA

kernel32

GetModuleHandleA
GetProcAddress
LoadLibraryA
RtlUnwind
VirtualProtect

crtdll

__GetMainArgs
exit
raise
signal

ole32

CoRevertToSelf

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 620B - Virtual size: 620B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 228B - Virtual size: 228B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE