NEAS[.]04c0cab3e5f56743418ed4a56ce46ba0_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.04c0cab3e5f56743418ed4a56ce46ba0_JC.exe
Size

94KB
MD5

04c0cab3e5f56743418ed4a56ce46ba0
SHA1

69114708b696859649ac5e0e5e260549c96c7ad4
SHA256

e723cd3e08e61509dc33c681b51c7e901a884a1e88e9b9d3b58bec65b2f2ba97
SHA512

05be3408e6d22d70d77a459a7be111d3939d9a935c4a94fd6877fa7edd4b5ec456086bf63d5fcfeca1e610e357140dc0b6ef9624a82598749e88c74f943bb343
SSDEEP

1536:8jBmXqcxFiN0qYYOV2+EyMfj6bAVndsQVpaPCnec8YaEJwZK4/83ZoMOALLbwTc:ZmN7pOV2pyAj6EVhVpkCehZEXtpxLLbL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.04c0cab3e5f56743418ed4a56ce46ba0_JC.exe

Files

NEAS.04c0cab3e5f56743418ed4a56ce46ba0_JC.exe
.exe windows:4 windows x86

e4a8da667296d5b6b97876710193cac8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

NlsResetProcessLocale
OpenJobObjectA
GetNumberOfConsoleFonts
IsWow64Process
SetEndOfFile
GetThreadTimes
HeapSetInformation
SetComputerNameExA
IsValidLanguageGroup
HeapValidate
WriteConsoleA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.krdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE