NEAS[.]07cbbfd356a9d304e7217bd9c999ffe0_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.07cbbfd356a9d304e7217bd9c999ffe0_JC.exe
Size

5KB
MD5

07cbbfd356a9d304e7217bd9c999ffe0
SHA1

7189ed4325114709459e6ade1ceceec2eac017d8
SHA256

a3702e4246c856aa848730ad51fd5f98f791df900eb5cead66982557daada132
SHA512

5937dd1fee13a872f2d7a6a587abecc767294816e8d80d909052bfb3f007281d8feb088802f175b617cc1b0a4372614f81042032cae78cfc640eab4514a0832a
SSDEEP

96:XtH9XTeu3lqlglYi1DfOQ9cTrr8m3S8or:h9XiCYK6UDfOQ969or

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.07cbbfd356a9d304e7217bd9c999ffe0_JC.exe

Files

NEAS.07cbbfd356a9d304e7217bd9c999ffe0_JC.exe
.exe windows:4 windows x64

5aa13521145e5f9070f6ce68c49ddb09

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

LocalAlloc
GetSystemTime
Sleep
ExpandEnvironmentStringsA

msvcrt

memmove
printf
system
_vsnprintf
__set_app_type
_controlfp
__argc
__argv
_environ
__getmainargs
exit

urlmon

URLDownloadToFileA

snmpapi

SnmpUtilOctetsCpy
SnmpUtilOctetsFree
SnmpUtilOidCpy
SnmpUtilOidAppend
SnmpUtilVarBindCpy
SnmpUtilPrintAsnAny
SnmpUtilMemReAlloc
SnmpSvcGetUptime
SnmpUtilOidToA
SnmpUtilIdsToA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ