NEAS[.]09ddb802bcfa897d3dc7daa74d37c780_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.09ddb802bcfa897d3dc7daa74d37c780_JC.exe
Size

63KB
MD5

09ddb802bcfa897d3dc7daa74d37c780
SHA1

9f33b3cad35f12509faf24b6018b95eaab51f83a
SHA256

410e8cce03d27b82036ed267c420804ea6c1a78701a04118aecb874f03d975a2
SHA512

cbe7c53f6a82722729dd2dd3eae414e3e161a98a55d2cbb4be043c891b858f0ae9780e06b2d6860d03086d51ca946f074fdeeebc5038c7825c92ced84d265fb5
SSDEEP

1536:49hJqHhD7f8yfLSZEpl30UifhAgtyIh0TOUXhRUI2YnrQP:qhJqBD78Xup10nA66tUIPA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.09ddb802bcfa897d3dc7daa74d37c780_JC.exe

Files

NEAS.09ddb802bcfa897d3dc7daa74d37c780_JC.exe
.exe windows:4 windows x86

37e141ae513245c9cbd4d6f34a0ad83f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WritePrivateProfileStructA
RegisterWaitForSingleObjectEx
ChangeTimerQueueTimer
LZOpenFileW
FindFirstChangeNotificationW
GetConsoleFontSize
GlobalMemoryStatusEx
LZInit
GetSystemPowerStatus
EnumCalendarInfoExW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE