NEAS[.]15c8a86bc2a5b6cde72c8a7998f330a0_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.15c8a86bc2a5b6cde72c8a7998f330a0_JC.exe
Size

188KB
MD5

15c8a86bc2a5b6cde72c8a7998f330a0
SHA1

1b9737fbf7789b28efbffaa696c42e9383450571
SHA256

34dde8affd3b911b5714575ae6baafc8de342c275c502b7e8876761cf0bda825
SHA512

f16116a19b7ad241f061e9e7aabac5e8df7181a99fbe41f821104a5fdf84125019333ddcfbc06c794a37ee1596ad9179ae4891cb7985716f0b676773f1265f58
SSDEEP

3072:lf1AO52h0MAu1QzzZKEtZL49PsApBmz/BHR9iT+8h2iFI62mustN7Y:lflhMAlzzZKEtZL4h/Ox9iT+IHI6fuX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.15c8a86bc2a5b6cde72c8a7998f330a0_JC.exe

Files

NEAS.15c8a86bc2a5b6cde72c8a7998f330a0_JC.exe
.exe windows:1 windows x86

ce02fc97755de604b744f484091225bc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
RtlUnwind
LeaveCriticalSection
SetLastError
GetModuleHandleA
CloseHandle
GetCurrentThreadId
GetCurrentProcess
UnhandledExceptionFilter
GetStartupInfoA
GetLastError
GetCommandLineA
lstrlenA
GetVersionExA
GetModuleFileNameA
LCMapStringA
EnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection

crtdll

__GetMainArgs
exit
raise
signal

advapi32

RegOpenKeyExA
RegQueryValueExA

ulib

?Initialize@LONG_ARGUMENT@@QAEEPAD@Z
??0DSTRING@@QAE@XZ

ntdll

RtlFreeHeap
RtlAllocateHeap

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 134KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ