NEAS[.]NEASbd855e3a5ca38af098a72ff070250d05exe_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.NEASbd855e3a5ca38af098a72ff070250d05exe_JC.exe
Size

315KB
MD5

bd855e3a5ca38af098a72ff070250d05
SHA1

f07c37f02fbd873238386ddfc4ce957dea1813bd
SHA256

651d9b90b267f29addef84668ce788f2f00fd1a2ec4a8d6c15139eac0701c94e
SHA512

c81d688c8f09596c8df87985018c8a238a18f3ead07ccc33db991987a0fe8979cf185ae03b8fd89dd3f4cc31c444c9fb17445085ff10ce3d9c3aedec33019270
SSDEEP

6144:TOAztL6W+JJMPkZ5tJb52Wd83erDPKmjxTz7HbYcPCVYhg+Kw:TOMFwMPkDH/QiPLxvzblu2FKw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.NEASbd855e3a5ca38af098a72ff070250d05exe_JC.exe

Files

NEAS.NEASbd855e3a5ca38af098a72ff070250d05exe_JC.exe
.exe windows:5 windows x86

f11f6549e50349d6f9e15c2e49acd8e8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetProcAddress
VirtualAlloc
VirtualFree
VirtualProtect

user32

EndPaint

advapi32

RegCloseKey

shell32

ShellExecuteA

ws2_32

htonl

iphlpapi

GetAdaptersInfo

Sections

OIYTGFRT
Size: - Virtual size: 384KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

OIYTGFRT
Size: 301KB - Virtual size: 304KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE