NEAS[.]047ffaff96e6f045b9fbabac71c750b0_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.047ffaff96e6f045b9fbabac71c750b0_JC.exe
Size

66KB
MD5

047ffaff96e6f045b9fbabac71c750b0
SHA1

f092d69c2b6042c0b880c849ad4d86a4e4cc80a2
SHA256

03f865d5b7e7f88c440996b40a2e8f7837ca4f4cd58db21df5e6aa0c1d574efc
SHA512

784c5ffc6f266548d94820632c9fa6f5da0321f6958fe241b5ed0f6af9b4d4180873c61addfdb8ba8ddddc5a1ae29927cea945148107eb3c13476f909cc1b4f8
SSDEEP

1536:NQOYARQKwWAnERfncSx10O0wi8lHNexPRlTkyd+Ly56:SNAWKw202D0HaNePqi+LyQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.047ffaff96e6f045b9fbabac71c750b0_JC.exe

Files

NEAS.047ffaff96e6f045b9fbabac71c750b0_JC.exe
.exe windows:4 windows x86

269435f85cac83fb63d2e1e841d0dffc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AllocateUserPhysicalPages
QueryUnbiasedInterruptTime
EnumDateFormatsExEx
PeekConsoleInputA
GetDefaultCommConfigW
InitAtomTable
VirtualProtect
GetFileAttributesExA
GetDriveTypeA
OpenFileById

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE