NEAS[.]055cf0b8f78ec3bfc9e46ea2f6cab3a0_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.055cf0b8f78ec3bfc9e46ea2f6cab3a0_JC.exe
Size

844KB
MD5

055cf0b8f78ec3bfc9e46ea2f6cab3a0
SHA1

d6a6f23727ba3d7cf97d36c0fb946f519a667be7
SHA256

cb277257bc663f9afb672c7f562168679d5835fd8e13fb5cd90e728d96fa51fe
SHA512

a036a4bb10bd88c711b1325f1bbe015336a4461fe38bc8295e929287830dfd29ece47fda42bf0798c29c782ebc90e6272427a75c78d1d7a617d6a16ee725fa91
SSDEEP

768:kjuQNHiLiArft5TZGj7zT2TdnUIw/VLuWCqc:JQNCdfTT8+Xw/VLubt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.055cf0b8f78ec3bfc9e46ea2f6cab3a0_JC.exe

Files

NEAS.055cf0b8f78ec3bfc9e46ea2f6cab3a0_JC.exe
.exe windows:4 windows x86

9e090f09e137a0c37861eb41a764d88c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord595
ord302
ord308
EVENT_SINK_AddRef
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord608
ord100

Sections

.text
Size: 836KB - Virtual size: 834KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ