NEAS[.]0ba0a4dc7eacfd32ceb5fef873343de0_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.0ba0a4dc7eacfd32ceb5fef873343de0_JC.exe
Size

66KB
MD5

0ba0a4dc7eacfd32ceb5fef873343de0
SHA1

2219b1d3b9fa9e1e047fdac9f5cb69a8e8f14440
SHA256

a899b384485266712e90e60ae4b1aa2ddec17c53c5e73a42c3657a6c46c28266
SHA512

f862c0fd458b9e138daecf02b6a386d915b0b453b249b0497182fc74fe705afc39bd6758b270636b469b9b7bef00bc7e401b8d9a0701f7b6de481b26d2a8b42b
SSDEEP

1536:Pygz4AVWALs+In6IW9V2uvQIMwVc3h7zLICgJg:Kgz4AVWA4hnVW9wQjMx7zx7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.0ba0a4dc7eacfd32ceb5fef873343de0_JC.exe

Files

NEAS.0ba0a4dc7eacfd32ceb5fef873343de0_JC.exe
.exe windows:4 windows x86

4ad4111be8dd7ab81abd04108e62ad9f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RegDeleteKeyExW
MapViewOfFileEx
AppPolicyGetClrCompat
LZInit
WerRegisterMemoryBlock
SetComputerNameA
HeapQueryInformation
GetFullPathNameW
GetVolumeInformationByHandleW
GetSystemDefaultUILanguage

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE