NEAS[.]2b124bc2dc69df37736af1d2d4c19c30_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.2b124bc2dc69df37736af1d2d4c19c30_JC.exe
Size

66KB
MD5

2b124bc2dc69df37736af1d2d4c19c30
SHA1

b1b153eae36b52ede453a7e98150affe3b95131c
SHA256

3b68e8f22a4a904d1380cdcc2868a3769ea1bdcb647fd4c90c989513cfe595a5
SHA512

b26aa82f5cd342ac74244fbb185f374bab9a5ca2bc513e642aa09cca9ff269258d4088fc45d40953efae2d5b62da3f02b3a2991e3d0fbb31b527fda1b5b2c3c0
SSDEEP

1536:eCvpyZk7z30WZCIuTVSJcgMca6TDwrUnK5Re101iWyn:eCpuOPCIusKMXiLRw012

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.2b124bc2dc69df37736af1d2d4c19c30_JC.exe

Files

NEAS.2b124bc2dc69df37736af1d2d4c19c30_JC.exe
.exe windows:4 windows x86

0e6a5838a9ac1304642c52f9b4be4169

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedPushEntrySList
GetSystemTimes
FindNLSString
DeleteCriticalSection
WerRegisterAdditionalProcess
GetTimeZoneInformationForYear
CreateFileTransactedA
HeapWalk
GetThreadContext
RegisterApplicationRecoveryCallback

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE