NEAS[.]34a19e1a64f1229585fb307c706ba8d0319693727bd393b7f976080d60d2c6b4_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.34a19e1a64f1229585fb307c706ba8d0319693727bd393b7f976080d60d2c6b4_JC.exe
Size

1.0MB
MD5

eb64a134a756044b9f93ac2c37e0e7b3
SHA1

21db466e6224131dbc5d87a8a59f01869ada88b7
SHA256

34a19e1a64f1229585fb307c706ba8d0319693727bd393b7f976080d60d2c6b4
SHA512

6b552fc36c438268a1744252b8ff905e7a6a6c44bb1b211ea8528be7cb56776abdb19a2ac51650c317442005483fa7a484697a68b7156a0e0373db2c347cd092
SSDEEP

24576:gd9jnOqk86TUK8jOSVYYNDcjCjxkX/tQsC6HM4Spv9/P77ftGFKH0OX:uO2jO4NDccxmtQkzS99/jjtGIH0s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.34a19e1a64f1229585fb307c706ba8d0319693727bd393b7f976080d60d2c6b4_JC.exe

Files

NEAS.34a19e1a64f1229585fb307c706ba8d0319693727bd393b7f976080d60d2c6b4_JC.exe
.exe windows:4 windows x86

b3bfcb6becaf29dba67679770e613826

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord4441

msvcrt

_adjust_fdiv

kernel32

InterlockedDecrement

user32

UpdateWindow

shell32

ShellExecuteA

ole32

CoCreateInstance

oleaut32

CreateErrorInfo

urlmon

URLDownloadToFileA

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

advapi32

RegDeleteKeyA

Sections

.text
Size: 148KB - Virtual size: 568KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 872KB - Virtual size: 872KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ