NEAS[.]817671c243db6a0476d13f91e7a64af0_JC[.]exe | Triage

Sharing

General

Target

NEAS.817671c243db6a0476d13f91e7a64af0_JC.exe
Size

176KB
MD5

817671c243db6a0476d13f91e7a64af0
SHA1

3b1f3cf6b41c1916a1b1eeb45bf8f1c8c0a7685b
SHA256

b6fc8b2b4e0cb9bc4a23a381510f655c3717ac6a1d129f4dd9bae8e3f76922d7
SHA512

756c8798212cebb4c11fd1757b0fc7c125d6e896a2cf7ea558475eeea5c762e2556ef6d2083c68b5b4a01f5c9e31d65867326487ce77000f9868739780f5f5ff
SSDEEP

1536:65ccbljiFsHasXSAIYGXpn2uM6whkJuJSI5pOTz7uDGTmK7AZp0XNuTzsqgopWK6:sBjCSbGXp2FhkDIKT2qS50XNYzmw+YpG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.817671c243db6a0476d13f91e7a64af0_JC.exe

Files

NEAS.817671c243db6a0476d13f91e7a64af0_JC.exe
.exe windows:4 windows x86

272472bfdc651ba8e4751a6a51cb84db

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord696
ord697
MethCallEngine
ord626
ord519
ord705
ord631
ord525
EVENT_SINK_AddRef
ord527
ord529
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord606
ord713
ord607
ord531
ord536
ord645
ord648
ord571
ord576
ord685
ord578
ord100
ord616
ord617
ord618
ord619
ord542
ord543
ord546
ord580

Sections

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE