NEAS[.]bda719bb15bfb020769ca3286ed546d5bin_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.bda719bb15bfb020769ca3286ed546d5bin_JC.exe
Size

9.0MB
MD5

6b6a1176aed5aae6fcf245fd1f63475a
SHA1

83db1e9d70428d7c642d15448032f5a58936145e
SHA256

ed515fe27d8524dc9a1f2dd4a7ad8b3c1d056185835feb21e19568c8b8bbeac3
SHA512

754d15a986e4986576ab59e736b6607c2f48556a5c8eadb84049b2b847f70cc5e8fd180285441fb8a85b3917dc4715148882102c8b64981a3f377299263f820d
SSDEEP

196608:eCLzhlNSOMoR94Hk8IlUBFSmYPWZpQzznz+Yd4I2r0TEToA:l/Nd8IlUBu2pi4I2rqs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.bda719bb15bfb020769ca3286ed546d5bin_JC.exe

Files

NEAS.bda719bb15bfb020769ca3286ed546d5bin_JC.exe
.exe windows:6 windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: - Virtual size: 618KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.warehub
Size: - Virtual size: 10.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.warehub
Size: 12.8MB - Virtual size: 12.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ