NEAS[.]1e982e80dbfc5e853e132694779e57e0_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.1e982e80dbfc5e853e132694779e57e0_JC.exe
Size

66KB
MD5

1e982e80dbfc5e853e132694779e57e0
SHA1

9b6b29b3bb089a5dbdf310b9e02daeea180dff74
SHA256

78f6b9e59637939208080f2735adaf8986b8fe7517c67bd6d56aebfd8ac505e1
SHA512

7de8a1fd4eaced088084419b5f077ce3f9dbe4526896f9e2863d64e135629d8a6a9fad1e474eef5024c8b9ffdaf53c5155d4e3be0979938653757b4f975e01e8
SSDEEP

1536:nH1Xb+st5aUNaadM+A4JrJga+IBm6kUHqRPVvWW1utjjFb8:ntb+aaUNaadMP47vuUKRteW8xJA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.1e982e80dbfc5e853e132694779e57e0_JC.exe

Files

NEAS.1e982e80dbfc5e853e132694779e57e0_JC.exe
.exe windows:4 windows x86

b29052c15b1fd3fea4b6a73b65ebc306

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FormatApplicationUserModelId
MultiByteToWideChar
RegSetValueExA
LocalReAlloc
GlobalGetAtomNameA
GetCommConfig
GetSystemAppDataKey
Process32First
SetCachedSigningLevel
FlsSetValue
EnumerateLocalComputerNamesA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE