NEAS[.]02370ec5b41b04b3b4aa2d4553677c50_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.02370ec5b41b04b3b4aa2d4553677c50_JC.exe
Size

204KB
MD5

02370ec5b41b04b3b4aa2d4553677c50
SHA1

83205fc249cbce07cebb5d5a5a4184f06ad1440d
SHA256

34b1a5d4267261983ab94caf4c745ed85df5d42aece1e0d3deb471d39545e56b
SHA512

fd86dd3bcf43c0cb11ec459532d66e5854c88d99de46083fe11aba9f4cad849bb143a8b373dc977b395a2198b63b606227fd95111b01da50dfcb0626993ac6bd
SSDEEP

3072:iwG0yarMEd1pEDY1XJEBvLslM6jkHK4Ba4tyVmyv0ts/K77ncoRi:iw6arcDUKLr+kRBa4laQs/2c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.02370ec5b41b04b3b4aa2d4553677c50_JC.exe

Files

NEAS.02370ec5b41b04b3b4aa2d4553677c50_JC.exe
.exe windows:4 windows x86

a7ab56ae1b8838787884d72eecb7cbe1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
LoadLibraryA
GetProcAddress
ReadFile
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
lstrlenA
GetEnvironmentVariableA
GetModuleFileNameA

user32

LoadIconA
GetSysColor
GetSystemMetrics
LoadCursorA
GetWindowThreadProcessId
SetForegroundWindow
SendMessageTimeoutA
MessageBoxA

msvcrt

_vsnprintf

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

shlwapi

SHGetValueA
StrCmpIW
SHSetValueA
StrStrIA
PathRemoveFileSpecA

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 440B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ