NEAS[.]58a438e10250ad6c715a04eff261c88dd3ead01a9b3ce516f9b23ad469070086_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.58a438e10250ad6c715a04eff261c88dd3ead01a9b3ce516f9b23ad469070086_JC.exe
Size

2.4MB
MD5

cc6b0d186534c856b77bd2a870584b47
SHA1

f343c0b07b023004949fcfff87294b8b65dab17b
SHA256

58a438e10250ad6c715a04eff261c88dd3ead01a9b3ce516f9b23ad469070086
SHA512

d8d325de990d568501d7b56f9c3b0b35a82fb6e1cd25573012e54be323e6194da67b92eb1a9c50cdbada724af4a7e1046af29dfa4123c3acd353d733c43b18e1
SSDEEP

49152:40ALD1EKPdJYGuOwjNwSnFKxW5mkv/rKVLFa0MBEzhzr82nqtJVqa:6LD2KPnw6SnYTPa0MBE1zivVqa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.58a438e10250ad6c715a04eff261c88dd3ead01a9b3ce516f9b23ad469070086_JC.exe

Files

NEAS.58a438e10250ad6c715a04eff261c88dd3ead01a9b3ce516f9b23ad469070086_JC.exe
.exe windows:4 windows x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 928KB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 367KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

dwvjwrpu
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

dpdquywf
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE