NEAS[.]NEASNEAS6db85313890141aa6b7b5bdf5ca13ec1785c03e2df83bd1b0aeb11417bd969efexeexeexe_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.NEASNEAS6db85313890141aa6b7b5bdf5ca13ec1785c03e2df83bd1b0aeb11417bd969efexeexeexe_JC.exe
Size

10.6MB
MD5

d64e003b434f25b2952a7af313c7a2c3
SHA1

8bc753b8aca66130d1fbf1b0431fea54eafa99c7
SHA256

6db85313890141aa6b7b5bdf5ca13ec1785c03e2df83bd1b0aeb11417bd969ef
SHA512

c6af701cafa269e6b604037e7e6fa2f079951957e75a6a0d4adbe114d55f19224582c29380a7756de1084ff7823cb2a828441e25060245b049001795e82bd46f
SSDEEP

196608:p9WdR9tFCe2n0dJ3D+ozjh0IbRmyfY9/CVXy5Ulko:8RBCpn0dJ3h0Ilm3/CVrld

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.NEASNEAS6db85313890141aa6b7b5bdf5ca13ec1785c03e2df83bd1b0aeb11417bd969efexeexeexe_JC.exe

Files

NEAS.NEASNEAS6db85313890141aa6b7b5bdf5ca13ec1785c03e2df83bd1b0aeb11417bd969efexeexeexe_JC.exe
.exe windows:6 windows x86

564bfbb79ab3f98d1e523c4b41e0aa1b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
GetModuleHandleA
LoadLibraryA
GetProcAddress

msvcrt

memset

Sections

.text
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 991KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

[0]
Size: 1KB - Virtual size: 697.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.m["
Size: 4.1MB - Virtual size: 4.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.5u
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Yk1
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ