NEAS[.]2023-09-07_0949118f852ba7fa733500557c3920f1_xiaoba_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.2023-09-07_0949118f852ba7fa733500557c3920f1_xiaoba_JC.exe
Size

2.2MB
MD5

0949118f852ba7fa733500557c3920f1
SHA1

b0308fe43d42bd9ee1484d43cd99349b84edf0f8
SHA256

7b75cdb7ec32c6bf6493b9ed2fa264cd07df5e3a42a7cffe42b23f33c46f4418
SHA512

3417dcd750184c95fed0709353659ab8c9f80f04f260578bf234d8e3db0764282beea7cedeeb883f9321698b174986caf17216b195dc254a3b8507fb8a8e85a6
SSDEEP

49152:qR8KvbXwA6gY1h7DK2mldTW8N75xwMDMhovN5jx650TG:UvcA6gY1NmlVW8N7rn4hynVm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.2023-09-07_0949118f852ba7fa733500557c3920f1_xiaoba_JC.exe

Files

NEAS.2023-09-07_0949118f852ba7fa733500557c3920f1_xiaoba_JC.exe
.exe windows:5 windows x86

27df0f15ac3215e27bde7985644b6e89

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winspool msvfw32

ClosePrinter ��?

Sections

.text
Size: 1.3MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

SE
Size: 832KB - Virtual size: 832KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

SE
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

SE
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

SE
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ