NEAS[.]0af729d6623dc829500d71e22a6f38e0_JC[.]exe | Triage

Sharing

General

Target

NEAS.0af729d6623dc829500d71e22a6f38e0_JC.exe
Size

76KB
MD5

0af729d6623dc829500d71e22a6f38e0
SHA1

dbde6784eba91ec97b267adba0f674ff68f9c079
SHA256

2697c0930b9895181c654be8b8c039d6b2971be640287098b68e6b37e34fbf60
SHA512

0281c231fe40cb861450fd811e624db277724a6d6ebb259f8d5f1fe9f9f254cc5497139df3dcd85bbbd24fdf20b49d55f09bd4f390a5d55faee35c503c531473
SSDEEP

1536:HK215TPyh9JDP3s+saF9ePKHNjgil1N2+jEErxTWDTMqhGKYIZTET8x:HKG5GhLP3lFFEPc5l19jBkMqhGKZTbx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.0af729d6623dc829500d71e22a6f38e0_JC.exe

Files

NEAS.0af729d6623dc829500d71e22a6f38e0_JC.exe
.exe windows:4 windows x86

1d366e2e39d71b39fd1b901838f1bd7c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualUnlock
HeapExtend
UnhandledExceptionFilter
GlobalAddAtomA
SetConsoleMenuClose
QueryInformationJobObject
GlobalAddAtomA
IsBadHugeReadPtr
SetDefaultCommConfigA
ExpungeConsoleCommandHistoryA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE