NEAS[.]09ed769fb6bff1af772dd45b49bbf270_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.09ed769fb6bff1af772dd45b49bbf270_JC.exe
Size

66KB
MD5

09ed769fb6bff1af772dd45b49bbf270
SHA1

604037f8d1499db1eccc964b2aa8442dc6fbc6c9
SHA256

14607f90880c7686591600a0dd3fe5bd7a4927f0b9ee1b4642c7bbd0695c2474
SHA512

380e76aecd50f9f90f5fa28ac24ee795dfafa6ed328b5ff5d0bb98d0ff4bc7d29a485e64f8a12955b4561a53aeeb7e25d44a581fe10d842f2dd6f6f4d6d51fbf
SSDEEP

1536:0GDu3Jx4y6JQET2R47Oj4EWFWxMITLRv+xMsmWRZxX:0GDu3bl6sR47Oj4rFWxMITVv+OsmWRZt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.09ed769fb6bff1af772dd45b49bbf270_JC.exe

Files

NEAS.09ed769fb6bff1af772dd45b49bbf270_JC.exe
.exe windows:4 windows x86

73ea72380da1d41aceab878ec13bdd82

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AppXGetOSMaxVersionTested
CreateMutexA
GetSystemDirectoryW
TerminateThread
GetThreadPreferredUILanguages
GetConsoleKeyboardLayoutNameW
DeleteFileTransactedW
ClearCommBreak
EnumDateFormatsW
OpenProcess

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE