NEAS[.]16c9783bb413c4b02ec16af3cfa73ad0_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.16c9783bb413c4b02ec16af3cfa73ad0_JC.exe
Size

66KB
MD5

16c9783bb413c4b02ec16af3cfa73ad0
SHA1

fa512716cbb487486779dd720cbe72aa1f0940c7
SHA256

641fc4d4c01b67bb1c7c3595364aabb7ba437fd41d2ed70129025d10d38f7c67
SHA512

02d8652afe3983836a0a3b19311f113f6fe41a52388d15180eff8b6203fa28c179dcd5825aadebc67f177a99692b461c6170082a4f895669e43fc8429ac563de
SSDEEP

1536:khnzEYM+qFhbXn3A1P5+D9+onN5wgMcv6wE+mLNklF:kAuqDXnQ169LnN5/Mcv6wxmL6T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.16c9783bb413c4b02ec16af3cfa73ad0_JC.exe

Files

NEAS.16c9783bb413c4b02ec16af3cfa73ad0_JC.exe
.exe windows:4 windows x86

b0ec38d1419e4d5fc4191a10f8bcfa01

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileShortNameA
GetCurrentProcess
ConsoleMenuControl
GetOverlappedResult
FreeMemoryJobObject
BaseWriteErrorElevationRequiredEvent
CreateFileMappingNumaW
GetFullPathNameW
GetModuleHandleW
CreateThreadpoolTimer

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE