NEAS[.]5c658812f7eea0e7cf7e21d87700582c_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.5c658812f7eea0e7cf7e21d87700582c_JC.exe
Size

128KB
MD5

5c658812f7eea0e7cf7e21d87700582c
SHA1

ac7cff49c0b20efe393ef4000d79f3d9e9571306
SHA256

151f438c70f88b617b0853b67b7bc05eae20ffaa6960ed88536e5689920f14ec
SHA512

d4c2b00a4ceb7ba98cb5af7f10486d540b19c38e19a025e854ca178bc3aa1d990c1b3509adfadb5855221be3899f45955f2d711fbec01fb573b38762e0badb6b
SSDEEP

3072:gD/UwD00GkLfIjVcUlll/NtCzhaWDFFg:qUI00GkLfIjVc+ldWlfg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.5c658812f7eea0e7cf7e21d87700582c_JC.exe

Files

NEAS.5c658812f7eea0e7cf7e21d87700582c_JC.exe
.exe windows:4 windows x86

f5df43e069c53b79079e4502d4d762b6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemPowerStatus
DeleteTimerQueueTimer
FlushViewOfFile
InterlockedIncrement
GetPrivateProfileStructA
CreateSemaphoreA
TlsGetValue
GetEnvironmentStrings
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

icode
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

idata
Size: - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ