NEAS[.]1c92ef6bd27a400b4f1718886df9c940_JC[.]cab | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.1c92ef6bd27a400b4f1718886df9c940_JC.cab
Size

2KB
MD5

1c92ef6bd27a400b4f1718886df9c940
SHA1

0ac6db62207c838b4591a0c200b8f72be279f86d
SHA256

946f4db3661c908539d3bae627e5165520c38e6976d281835715368071ae1561
SHA512

2a1c6369a548d76285e0d6356ae8551aafa64ed7c3bb48513f4ee25f79e828166f5dbf6ccbf592217b257922a199c58652832fcb2b8d5938458e47819512b778

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/kbdsmsfi.dll

Files

NEAS.1c92ef6bd27a400b4f1718886df9c940_JC.cab
.cab
kbdsmsfi.dll
.dll windows:5 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

KbdLayerDescriptor

Sections

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 218B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ